Ivan Uzunov Blog

How to Create a Random Password in MySQL

June 7th, 2007 by Ivan Uzunov

It is quite simple:

SELECT LEFT(md5(UUID()), 10)

The UUID() function returns a Universal Unique Identifier (UUID). The rest is obvious

If you are looking for the same functionality in MS SQL click here.

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.

on 08 Jun 2007 at 9:43 am Josh Storz

There are many ways to accomplish this, yours is one. May I suggest doing md5(md5()) for only a bit more code little more security.
on 09 Jun 2007 at 9:37 am Peter Cooper

Since we’re dealing with a UUID, MD5ing it twice isn’t really giving any advantage over once. I do spy one possible flaw though?

You surely don’t want people to have to type in (yes, some people don’t seem to know about cut and paste ) a 32 character password? Just move the LEFT to the outside:

SELECT LEFT(MD5(UUID()), ;

I must admit I don’t see any compelling reason to trim the UUID down to the left 8, because it’ll hash the whole thing anyway.. although admittedly SHA1 would be nicer..

SELECT LEFT(SHA1(UUID()), ;

Didn’t know there was SHA1 as well, but it seems to just work
on 11 Jun 2007 at 4:05 am Q4

32-char passwords are fine if you’re doing your actual connections with public/private keys.

Agree on the LEFT() being a Bad Thing, though - you’re reducing the entropy of the password to the point where it’s within the range of a rainbow table.
on 11 Jun 2007 at 8:37 am Ivan Uzunov

Yep, you are right - it should be like this:

SELECT LEFT(md5(UUID()), 10)

I’ve changed it in the post.