Generate Random Passphrase in Connect to AD

Problem

Connect to AD supports randomly generated or hardcoded dynamic passwords as its primary provisioning options. However, passwords are increasingly being replaced by more user-friendly alternatives such as passphrases: sequences of common words that are easier to read and communicate while still meeting most security requirements.

Solution

Connect to AD now supports generating passphrases alongside the existing approaches:

GeneratePassphrase(wordCount, maxLength, includeUpper, includeNumbers, includeSpecial)

Instead of random characters, this method builds the password from a passphrase, making it easier to read and communicate in automated notifications and manual handoffs.

  • wordCount: number of words in the passphrase
  • maxLength: maximum total character length (hard cap: 25)
  • includeUpper: capitalizes the first letter of the passphrase
  • includeNumbers: appends a number
  • includeSpecial: includes a special character

Example expression:

GeneratePassphrase(3, 15, true, true, true)

Example result: Scarlet@Topaz5

GeneratePassphrase(3, 15, false, true, true)

Example result: ivory$galaxy3

GeneratePassphrase(3, 15, false, false, true)

Example result: lemoncloud$onyx

GeneratePassphrase(3, 15, false, false, false)

Example result: cherrydaisycloud

  • If includeUpper is enabled, only the first letter of the passphrase is capitalized.
  • The word pool is loaded from a customizable text file. 
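
Because the word pool is customizable and maxLength limits which word combinations fit, the strength of a generated passphrase depends on both. The Python sketch below is an added example, not Connect to AD's implementation: it counts the word combinations that fit a configuration, converts that to bits of entropy, and generates a passphrase with a CSPRNG. The special-character set, its placement after the first word, the single appended digit and the sample pool are assumptions.

```python
import math
import secrets
from collections import Counter

SPECIALS = "@$#!%"  # assumed set; the article does not list the characters used
HARD_CAP = 25       # hard cap on maxLength stated in the article

def word_budget(max_length, include_numbers, include_special):
    """Characters left for words after the optional digit and special character."""
    return min(max_length, HARD_CAP) - int(include_numbers) - int(include_special)

def fitting_combinations(words, word_count, budget):
    """Count ordered word_count-tuples of pool words whose joined length fits budget."""
    by_len = Counter(len(w) for w in words)
    ways = {0: 1}  # joined length -> number of tuples reaching it
    for _ in range(word_count):
        nxt = Counter()
        for total, n in ways.items():
            for length, k in by_len.items():
                if total + length <= budget:
                    nxt[total + length] += n * k
        ways = nxt
    return sum(ways.values())

def entropy_bits(words, word_count, max_length, include_numbers, include_special):
    """Entropy of a uniform pick; includeUpper is deterministic and adds nothing."""
    budget = word_budget(max_length, include_numbers, include_special)
    space = fitting_combinations(words, word_count, budget)
    space *= (10 if include_numbers else 1) * (len(SPECIALS) if include_special else 1)
    return math.log2(space) if space else 0.0

def generate(words, word_count, max_length, include_upper, include_numbers, include_special):
    """Rejection-sample words with a CSPRNG until they fit, then decorate."""
    budget = word_budget(max_length, include_numbers, include_special)
    if word_count < 1 or fitting_combinations(words, word_count, budget) == 0:
        raise ValueError("no word combination fits maxLength")
    while True:
        picked = [secrets.choice(words) for _ in range(word_count)]
        if sum(map(len, picked)) <= budget:
            break
    if include_special:  # assumed placement: right after the first word
        picked[0] += secrets.choice(SPECIALS)
    phrase = "".join(picked)
    if include_upper:
        phrase = phrase[0].upper() + phrase[1:]
    return phrase + (str(secrets.randbelow(10)) if include_numbers else "")

# Constructed sample pool: unique lowercase words seen in the article's example results.
POOL = ["scarlet", "topaz", "ivory", "galaxy", "lemon", "cloud", "onyx", "cherry", "daisy"]
```

Running entropy_bits against the actual word file with the intended wordCount and maxLength shows how far a tight length limit shrinks the space of possible passphrases before the setting is rolled out.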

 

Conclusion

Passphrase generation adds a more readable alternative to random strings, enhancing Connect to AD's existing provisioning capabilities.


 
