Security – Random Password Generation C #

So, I have a method that, after validation, generates a random password based on the length and characters provided. The user interface uses check boxes to select the use of lowercase and / or uppercase letters, numbers and special characters to complete the character parameter. as well as the length of the password and the space between each character used (that is, if the space between characters is set to & # 39; 10 & # 39 ;, the letter & # 39; A & # 39 ;, for example, only can be used again after another 10 unique characters are used first):

enter the description of the image here

The generator method:

    private string PasswordGeneration(string characters, int length)
    {
        var random = Factory.Random(); //Generates new Random() from Factory class.
        var availableCharacters = characters; //Preps the available characters with all characters passed.
        var output = string.Empty;
        var rule = ValidateRule(characters.Length); //Sets character rule to length of parameter "characters" if the unique character spacing is set higher than the number of available characters to use. 
        for (var position = 0; position < length; position++) //loop until we've met the password's desired length.
        {
            if (rule != 0 && (characters.Length - availableCharacters.Length == rule)) //if a character rule is set & if we've met the criteria of the number of unique characters asked for...
            {
                availableCharacters = characters.Where(c => !output.Substring((position - rule) + 1, rule - 1).Contains(c)).Aggregate(availableCharacters, (current, c) => current + (current.Contains(c) ? string.Empty : c.ToString()));
                //...we add back all characters for usage other than the last n characters used dictated by the unique character rule.
            }
            var character = availableCharacters(random.Next(availableCharacters.Length)); //Grabs a random character from availableCharacters.
            availableCharacters = rule == 0 ? availableCharacters : availableCharacters.Replace(character.ToString(), string.Empty); //If a character rule is set, we remove the currently used character from availableCharacters.
            output += character; //Append "character" to output.
        }
        return output;
    }

The method & # 39; ValidateRule () & # 39 ;:

        private int ValidateRule(int length) => 
        length - _settings.IdenticalSpacing > 0 
            ? _settings.IdenticalSpacing
            : length;

And to facilitate the reading of what happens with the LINQ expression inside the if statement:

foreach(var c in characters)//...we iterate through the original set of characters...
{
    if(output.Substring((position - rule) + 1, rule -1).Contains(c) == false)//...and check to see if the a specific range contains each character. If the range doesn't contain the current character...
    {
        foreach(var availableCharacter in availableCharacters)//...we iterate through our available characters to see if it doesn't already contains the current character...
        {
            if(!Equals(availableCharacter, c))
            {
                availableCharacters += c; //...if not, we make the character available for use again.
            }
        }
    }
}

As indicated above, the character length and password parameters are validated before passing them to PasswordGeneration (), so I did not add any null checks or incorrect entry checks that are not for the character spacing rule. While everything works perfectly without errors, I feel that the code seems messy and, of course, a bit difficult to read. I can't help thinking that there is a much simpler approach without a lot of loops and conditions or long LINQ expressions. However, I would love to hear some comments about what everyone thinks and, of course, how I can improve this.

Shortcut application: the guy on the iOS device changed the screen time password and says no, help me catch it

My son has an iphone xs. We set a screen time code because he kept turning off the location of his phone. and then, when I looked at the phone, the same restrictions were blocked. I changed "share my location" to "always" or "allow." Now it has changed to "never" or is dimmed … and my son seems to have discovered the access code on the screen and changed it. I can no longer log in to the screentime password that I set. I wrote Now there are so many attempts that I have to wait more than an hour before trying again, says the alert. I have 87 attempts. It was changed.

I found an application that would locate the last password set and this application can't even find it. Phone location is still shared on my phone, but the location option on your phone is set to never share.

I also noticed that there were text messages in section 3 … that I had never seen. They told me that when the phone was updated, this came with it.

The shortcut application on the phone that I noticed allows a script option and things like that. Is this a new standard application update or was it something that was put on the phone?

Either way, I have access to the phone but I can't do anything and I don't know what access code was set.

How can I regain control over this device?

Is it safe to set the encryption password the same as the root password?

When installing Manjaro Linux, it displays the following screen:

enter the description of the image here

What is the logic behind that?

Azure Active Directory password policy

I am using AADDS.

I created a custom FGPP in the active directory with a precedence of 1 and applied it to "Domain Users". I changed the minimum length of a password to 14 characters.

This forced several accounts to create new passwords.

Nevertheless…

I'm confused. Can anyone advise me?

ssas: connection string error, quotation marks in the password

I am trying to connect to a tabular model with OleDbConnection in C # with this connection string:

Provider=MSOLAP;Data Source=asazure://someURL/azuretabular;User ID=user@domain.com;Password=abc123"";Persist Security Info=True;Impersonation Level=Impersonate;SspropInitAppName=my app;ClientProcessID=123456

The problem is the password.

with a password like abc123! works

I can't make it work with a password with quotes.
I tried all this and failed:

password=abc123""
password='abc123""'
password='abc123""""'
password='abc123""'
password='abc123%22%22'
password='abc123""'

getting this error:

Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException: AADSTS50126: Error validating credentials due to invalid username or password.

Any idea how to escape the two quotes?

Thank you

hash: user password authentication and decryption password: multiple hash rounds

When multiple hash rounds are done, why can't John the Ripper crack decrypt hash passwords? (several rounds of hashes basically).
On the other hand, the system can, however, authenticate a user even when passwords are stored using multiple hashing. How do you do that?
is that John the Ripper can only decipher 1 level of the hash password. And the system just matches the hash with the database or something?

Encryption – OpenSSL – Avoid any output file if the password is incorrect

When you run OpenSSL with the following parameters, regardless of whether the password is correct or not, OpenSSL will always create the file specified in -out parameter (if the password is incorrect, the file will be empty):

openssl aes-256-cbc -d -a -in "C:FilepathFileToDecrypt.txt" -out "C:FilepathDecryptedOutput.txt" -pass pass:incorrectpassword

Is there any way to ensure that OpenSSL only creates that file specified in the -out parameter if the password is correct?

Password in macbook

I keep trying to clear my saved passwords, but after typing my password to unlock the passwords … it gives me between 3 and 30 seconds before it locks me again. Why is he doing this and how do I get him to connect?

Password required when buying theater tickets

When I bought the tickets for the theater on the biletru.co.il site, I was asked for the email address and password. Why ? If it is dangerous to enter the password in this case?