How to generate a random alpha-numeric string

Question

I ve been looking for a simple Java algorithm to generate a pseudo-random alpha-numeric string   In my situation it would be used as a unique session key identifier that would  likely  be unique over 500K  generation  my needs don t really require anything much more sophisticated      Ideally  I would be able to specify a length depending on my uniqueness needs  For example  a generated string of length 12 might look something like  AEYGF7K0DM1X

User · Answer

Here it is in Java   import static java lang Math round  import static java lang Math random  import static java lang Math pow  import static java lang Math abs  import static java lang Math min  import static org apache commons lang StringUtils leftPad  public class RandomAlphaNum     public static String gen int length        StringBuffer sb   new StringBuffer        for  int i   length  i  gt  0  i -  12          int n   min 12  abs i          sb append leftPad Long toString round random     pow 36  n    36   n   0               return sb toString            Here s a sample run   scala gt  RandomAlphaNum gen 42  res3  java lang String   uja6snx21bswf9t89s00bxssu8g6qlu16ffzqaxxoy

User · Answer

Here it is a Scala solution    for  i  lt - 0 until rnd nextInt 64   yield        0    rnd nextInt 64   asInstanceOf Char      mkString

User · Answer

Using an Apache Commons library  it can be done in one line  import org apache commons lang RandomStringUtils  RandomStringUtils randomAlphanumeric 64    Documentation

User · Answer

If you re happy to use Apache classes  you could use org apache commons text RandomStringGenerator  Apache Commons Text   Example  RandomStringGenerator randomStringGenerator           new RandomStringGenerator Builder                    withinRange  0    z                    filteredBy CharacterPredicates LETTERS  CharacterPredicates DIGITS                   build    randomStringGenerator generate 12      toUpperCase   if you want  Since Apache Commons Lang 3 6  RandomStringUtils is deprecated

User · Answer

I don t really like any of these answers regarding a  quot simple quot  solution  S I would go for a simple     pure Java  one liner  entropy is based on random string length and the given character set   public String randomString int length  String characterSet        return IntStream range 0  length  map i - gt  new SecureRandom   nextInt characterSet length     mapToObj randomInt - gt  characterSet substring randomInt  randomInt   1   collect Collectors joining         Test public void buildFiveRandomStrings         for  int q   0  q  lt  5  q              System out println randomString 10   quot ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 quot        The character set can basically be anything          Or  a bit more readable old way  public String randomString int length  String characterSet        StringBuilder sb   new StringBuilder       Consider using StringBuffer if needed     for  int i   0  i  lt  length  i              int randomInt   new SecureRandom   nextInt characterSet length             sb append characterSet substring randomInt  randomInt   1              return sb toString        Test public void buildFiveRandomStrings         for  int q   0  q  lt  5  q              System out println randomString 10   quot ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 quot        The character set can basically be anything          But on the other hand you could also go with UUID which has a pretty good entropy  UUID randomUUID   toString   replace  quot - quot    quot  quot

User · Answer

Maybe this is helpful  package password generater   import java util Random              author dell     public class PasswordGenerater                    param args the command line arguments             public static void main String   args            int length  11          System out println generatePswd length                TODO code application logic here           static char   generatePswd int len           System out println  Your Password             String charsCaps  ABCDEFGHIJKLMNOPQRSTUVWXYZ            String Chars  abcdefghijklmnopqrstuvwxyz           String nums  0123456789           String symbols         amp      -         gt  lt    -            String passSymbols charsCaps   Chars   nums  symbols          Random rnd new Random            char   password new char len            for int i 0  i lt len i                 password i  passSymbols charAt rnd nextInt passSymbols length                      return password

User · Answer

Algorithm  To generate a random string  concatenate characters drawn randomly from the set of acceptable symbols until the string reaches the desired length   Implementation  Here s some fairly simple and very flexible code for generating random identifiers  Read the information that follows for important application notes   public class RandomString                   Generate a random string              public String nextString             for  int idx   0  idx  lt  buf length    idx              buf idx    symbols random nextInt symbols length            return new String buf              public static final String upper    ABCDEFGHIJKLMNOPQRSTUVWXYZ        public static final String lower   upper toLowerCase Locale ROOT        public static final String digits    0123456789        public static final String alphanum   upper   lower   digits       private final Random random       private final char   symbols       private final char   buf       public RandomString int length  Random random  String symbols            if  length  lt  1  throw new IllegalArgumentException            if  symbols length    lt  2  throw new IllegalArgumentException            this random   Objects requireNonNull random           this symbols   symbols toCharArray            this buf   new char length                         Create an alphanumeric string generator              public RandomString int length  Random random            this length  random  alphanum                         Create an alphanumeric strings from a secure generator              public RandomString int length            this length  new SecureRandom                           Create session identifiers              public RandomString             this 21              Usage examples  Create an insecure generator for 8-character identifiers   RandomString gen   new RandomString 8  ThreadLocalRandom current       Create a secure generator for session identifiers   RandomString session   new RandomString      Create a generator with easy-to-read codes for printing  The strings are longer than full alphanumeric strings to compensate for using fewer symbols   String easy   RandomString digits    ACEFGHJKLMNPQRUVWXYabcdefhijkprstuvwx   RandomString tickets   new RandomString 23  new SecureRandom    easy     Use as session identifiers  Generating session identifiers that are likely to be unique is not good enough  or you could just use a simple counter  Attackers hijack sessions when predictable identifiers are used   There is tension between length and security  Shorter identifiers are easier to guess  because there are fewer possibilities  But longer identifiers consume more storage and bandwidth  A larger set of symbols helps  but might cause encoding problems if identifiers are included in URLs or re-entered by hand   The underlying source of randomness  or entropy  for session identifiers should come from a random number generator designed for cryptography  However  initializing these generators can sometimes be computationally expensive or slow  so effort should be made to re-use them when possible   Use as object identifiers  Not every application requires security  Random assignment can be an efficient way for multiple entities to generate identifiers in a shared space without any coordination or partitioning  Coordination can be slow  especially in a clustered or distributed environment  and splitting up a space causes problems when entities end up with shares that are too small or too big   Identifiers generated without taking measures to make them unpredictable should be protected by other means if an attacker might be able to view and manipulate them  as happens in most web applications  There should be a separate authorization system that protects objects whose identifier can be guessed by an attacker without access permission   Care must be also be taken to use identifiers that are long enough to make collisions unlikely given the anticipated total number of identifiers  This is referred to as  the birthday paradox   The probability of a collision  p  is approximately n2  2qx   where n is the number of identifiers actually generated  q is the number of distinct symbols in the alphabet  and x is the length of the identifiers  This should be a very small number  like 2  8209 50 or less   Working this out shows that the chance of collision among 500k 15-character identifiers is about 2  8209 52  which is probably less likely than undetected errors from cosmic rays  etc   Comparison with UUIDs  According to their specification  UUIDs are not designed to be unpredictable  and should not be used as session identifiers   UUIDs in their standard format take a lot of space  36 characters for only 122 bits of entropy   Not all bits of a  random  UUID are selected randomly   A randomly chosen alphanumeric string packs more entropy in just 21 characters   UUIDs are not flexible  they have a standardized structure and layout  This is their chief virtue as well as their main weakness  When collaborating with an outside party  the standardization offered by UUIDs may be helpful  For purely internal use  they can be inefficient

User · Answer

Yet another solution    public static String generatePassword int passwordLength        int asciiFirst   33      int asciiLast   126      Integer   exceptions     34  39  96         List lt Integer gt  exceptionsList   Arrays asList exceptions       SecureRandom random   new SecureRandom        StringBuilder builder   new StringBuilder        for  int i 0  i lt passwordLength  i              int charIndex           do               charIndex   random nextInt asciiLast - asciiFirst   1    asciiFirst                    while  exceptionsList contains charIndex             builder append  char  charIndex             return builder toString

User · Answer

You can create a character array which includes all the letters and numbers  and then you can randomly select from this character array and create your own string password  char   chars   new char 62      Sum of letters and numbers  int i   0   for char c    a   c  lt    z   c         For letters     chars i      c     for char c    0   c  lt    9  c         For numbers     chars i      c     for char c    A   c  lt    Z  c         For capital letters     chars i      c     int numberOfCodes   0  String code    quot  quot   while  numberOfCodes  lt  1       Enter how much you want to generate at one time     int numChars   8     Enter how many digits you want in your password      for i   0  i  lt  numChars  i              char c   chars  int  Math random     chars length            code   code   c            System out println  quot Code is  quot    code

User · Answer

Best Random String Generator Method  public class RandomStringGenerator       private static int randomStringLength   25       private static boolean allowSpecialCharacters   true       private static String specialCharacters         -          private static boolean allowDuplicates   false        private static boolean isAlphanum   false      private static boolean isNumeric   false      private static boolean isAlpha   false      private static final String alphabet    abcdefghijklmnopqrstuvwxyz       private static boolean mixCase   false      private static final String capAlpha    ABCDEFGHIJKLMNOPQRSTUVWXYZ       private static final String num    0123456789        public static String getRandomString             String returnVal               int specialCharactersCount   0          int maxspecialCharacters   randomStringLength 4           try               StringBuffer values   buildList                for  int inx   0  inx  lt  randomStringLength  inx                      int selChar    int   Math random      values length   - 1                    if  allowSpecialCharacters                                        if  specialCharacters indexOf      values charAt selChar    gt  -1                                                specialCharactersCount                             if  specialCharactersCount  gt  maxspecialCharacters                                                        while  specialCharacters indexOf      values charAt selChar      -1                                                                selChar    int   Math random      values length   - 1                                                                                                                    returnVal    values charAt selChar                   if   allowDuplicates                        values deleteCharAt selChar                                             catch  Exception e                returnVal    Error While Processing Values                     return returnVal             private static StringBuffer buildList             StringBuffer list   new StringBuffer 0           if  isNumeric    isAlphanum                list append num                     if  isAlpha    isAlphanum                list append alphabet               if  mixCase                    list append capAlpha                                   if  allowSpecialCharacters                        list append specialCharacters                     int currLen   list length            String returnVal               for  int inx   0  inx  lt  currLen  inx                  int selChar    int   Math random      list length   - 1                returnVal    list charAt selChar               list deleteCharAt selChar                     list   new StringBuffer returnVal           return list

User · Answer

public static String generateSessionKey int length       String alphabet           new String  quot 0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz quot       9      int n   alphabet length       10      String result   new String        Random r   new Random       11      for  int i 0  i lt length  i       12         result   result   alphabet charAt r nextInt n      13      return result

User · Answer

Using Dollar should be as simple as      quot 0123456789 quot     quot ABCDE   Z quot  String validCharacters      0    9   join        A    Z   join     String randomString int length        return   validCharacters  shuffle   slice length  toString        Test public void buildFiveRandomStrings         for  int i     5             System out println randomString 12             It outputs something like this  DKL1SBH9UJWC JH7P0IT21EA5 5DTI72EO6SFU HQUMJTEBNF7Y 1HCR6SKYWGT7

User · Answer

You mention  simple   but just in case anyone else is looking for something that meets more stringent security requirements  you might want to take a look at jpwgen   jpwgen is modeled after pwgen in Unix  and is very configurable

User · Answer

Here is a Java 8 solution based on streams       public String generateString String alphabet  int length            return generateString alphabet  length  new SecureRandom    nextInt                 nextInt   bound - gt  n in  0  bound      public String generateString String source  int length  IntFunction lt Integer gt  nextInt            StringBuilder sb   new StringBuilder            IntStream generate source  length                   boxed                    limit length                   map nextInt  apply                   map source  charAt                   forEach sb  append            return sb toString            Use it like   String alphabet    ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789   int length   12  String generated   generateString alphabet  length   System out println generated     The function nextInt should accept an int bound and return a random number between 0 and bound - 1

User · Answer

Here s a simple one-liner using UUIDs as the character base and being able to specify  almost  any length   Yes  I know that using a UUID has been suggested before   public static String randString int length        return UUID randomUUID   toString   replace  quot - quot    quot  quot   substring 0  Math min length  32      length  gt  32   randString length - 32     quot  quot

User · Answer

public static String getRandomString int length        char   chars    quot abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRST quot  toCharArray         StringBuilder sb   new StringBuilder        Random random   new Random        for  int i   0  i  lt  length  i              char c   chars random nextInt chars length            sb append c             String randomStr   sb toString         return randomStr

User · Answer

Using UUIDs is insecure  because parts of the UUID aren t random at all  The procedure of erickson is very neat  but it does not create strings of the same length  The following snippet should be sufficient        The random generator used by this class to create random keys     In a holder class to defer initialization until needed      private static class RandomHolder       static final Random random   new SecureRandom        public static String randomKey int length            return String format  quot   quot  length  quot s quot   new BigInteger length 5  base 32 2 5    random               toString 32   replace   u0020    0             Why choose length 5  Let s assume the simple case of a random string of length 1  so one random character  To get a random character containing all digits 0-9 and characters a-z  we would need a random number between 0 and 35 to get one of each character  BigInteger provides a constructor to generate a random number  uniformly distributed over the range 0 to  2 numBits - 1   Unfortunately 35 is not a number which can be received by 2 numBits - 1  So we have two options  Either go with 2 5-1 31 or 2 6-1 63  If we would choose 2 6 we would get a lot of  quot unnecessary quot     quot longer quot  numbers  Therefore 2 5 is the better option  even if we lose four characters  w-z   To now generate a string of a certain length  we can simply use a 2  length numBits -1 number  The last problem  if we want a string with a certain length  random could generate a small number  so the length is not met  so we have to pad the string to its required length prepending zeros

User · Answer

import java util    import javax swing     public class alphanumeric       public static void main String args              String nval  lenval          int n  len           nval   JOptionPane showInputDialog  quot Enter number of codes you require   quot            n   Integer parseInt nval            lenval   JOptionPane showInputDialog  quot Enter code length you require   quot            len   Integer parseInt lenval            find n  len              public static void find int n  int length            String str1    quot 0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ quot           StringBuilder sb   new StringBuilder length           Random r   new Random             System out println  quot  n t Unique codes are  n n quot            for int i 0  i lt n  i                  for int j 0  j lt length  j                      sb append str1 charAt r nextInt str1 length                                 System out println  quot    quot    sb toString                 sb delete 0  length

User · Answer

I found this solution that generates a random hex encoded string   The provided unit test seems to hold up to my primary use case   Although  it is slightly more complex than some of the other answers provided          Generate a random hex encoded string token of the specified length          param length     return random hex string     public static synchronized String generateUniqueToken Integer length        byte random     new byte length       Random randomGenerator   new Random        StringBuffer buffer   new StringBuffer         randomGenerator nextBytes random        for  int j   0  j  lt  random length  j              byte b1    byte    random j   amp  0xf0   gt  gt  4           byte b2    byte   random j   amp  0x0f           if  b1  lt  10              buffer append  char    0    b1            else             buffer append  char    A     b1 - 10             if  b2  lt  10              buffer append  char    0    b2            else             buffer append  char    A     b2 - 10               return  buffer toString         Test public void testGenerateUniqueToken        Set set   new HashSet        String token   null      int size   16          Seems like we should be able to generate 500K tokens         without a duplicate              for  int i 0  i lt 500000  i             token   Utility generateUniqueToken size            if  token length      size   2               fail  Incorrect length              else if  set contains token                 fail  Duplicate token generated              else              set add token

User · Answer

You can use an Apache Commons library for this  RandomStringUtils  RandomStringUtils randomAlphanumeric 20  toUpperCase

User · Answer

import java util Random   public class passGen         Version 1 0     private static final String dCase    quot abcdefghijklmnopqrstuvwxyz quot       private static final String uCase    quot ABCDEFGHIJKLMNOPQRSTUVWXYZ quot       private static final String sChar    quot        amp   quot       private static final String intChar    quot 0123456789 quot       private static Random r   new Random        private static StringBuilder pass   new StringBuilder         public static void main  String   args            System out println   quot Generating pass    quot            while  pass length       16               int rPick   r nextInt 4               if  rPick    0                   int spot   r nextInt 26                   pass append dCase charAt spot                  else if  rPick    1                    int spot   r nextInt 26                   pass append uCase charAt spot                  else if  rPick    2                    int spot   r nextInt 8                   pass append sChar charAt spot                  else                   int spot   r nextInt 10                   pass append intChar charAt spot                                    System out println   quot Generated Pass   quot    pass toString              This just adds the password into the string and    yeah  it works well  Check it out    It is very simple  I wrote it

User · Answer

In one line  Long toHexString Double doubleToLongBits Math random       Source  Java - generating a random string

User · Answer

Here is the one-liner by AbacusUtil  String valueOf CharStream random  0    z   filter c - gt  N isLetterOrDigit c   limit 12  toArray     Random doesn t mean it must be unique  To get unique strings  use  N uuid      E g    quot e812e749-cf4c-4959-8ee1-57829a69a80f quot   length is 36  N guid      E g    quot 0678ce04e18945559ba82ddeccaabfcd quot   length is 32 without  -

User · Answer

I have developed an application to develop an autogenerated alphanumberic string for my project  In this string  the first three characters are alphabetical and the next seven are integers  public class AlphaNumericGenerator        public static void main String   args            java util Random r   new java util Random            int i   1  n   0          char c          String str    quot  quot           for  int t   0  t  lt  3  t                  while  true                    i   r nextInt 10                   if  i  gt  5  amp  amp  i  lt  10                         if  i    9                            i   90                          n   90                          break                                            if  i    90                            n   i   10   r nextInt 10                           while  n  lt  65                                n   i   10   r nextInt 10                                                                       break                                              c    char n               str   String valueOf c    str                     while true               i   r nextInt 10000000               if i  gt  999999                  break                    str   str   i          System out println str

User · Answer

public static String randomSeriesForThreeCharacter         Random r   new Random        String value    quot  quot       char random Char       for int i 0  i lt 10  i                  random Char    char   48   r nextInt 74            value   value   random char            return value

User · Answer

Also  you can generate any lowercase or uppercase letters or even special characters through data from the ASCII table  For example  generate upper case letters from A  DEC 65  to Z  DEC 90   String generateRandomStr int min  int max  int size        String result    quot  quot       for  int i   0  i  lt  size  i              result    String valueOf  char  new Random   nextInt  max - min    1    min              return result     Generated output for generateRandomStr 65  90  100     TVLPFQJCYFXQDCQSLKUKKILKKHAUFYEXLUQFHDWNMRBIRRRWNXNNZQTINZPCTKLHGHVYWRKEOYNSOFPZBGEECFMCOKWHLHCEWLDZ

User · Answer

static final String AB    quot 0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz quot   static SecureRandom rnd   new SecureRandom     String randomString int len      StringBuilder sb   new StringBuilder len      for int i   0  i  lt  len  i          sb append AB charAt rnd nextInt AB length          return sb toString

User · Answer

Surprising  no one here has suggested it  but  import java util UUID  UUID randomUUID   toString     Easy  The benefit of this is UUIDs are nice  long  and guaranteed to be almost impossible to collide  Wikipedia has a good explanation of it    quot     only after generating 1 billion UUIDs every second for the next 100 years  the probability of creating just one duplicate would be about 50   quot   The first four bits are the version type and two for the variant  so you get 122 bits of random  So if you want to  you can truncate from the end to reduce the size of the UUID  It s not recommended  but you still have loads of randomness  enough for your 500k records easy

User · Answer

Java supplies a way of doing this directly  If you don t want the dashes  they are easy to strip out  Just use uuid replace  quot - quot    quot  quot   import java util UUID   public class randomStringGenerator       public static void main String   args            System out println generateString                public static String generateString             String uuid   UUID randomUUID   toString            return  quot uuid    quot    uuid           Output uuid   2d7428a6-b58c-4008-8575-f05549f16316

User · Answer

Efficient and short         Utility class for generating random Strings      public interface RandomUtil        int    DEF COUNT   20      Random RANDOM      new SecureRandom                    Generate a password                 return the generated password             static String generatePassword             return generate true  true                         Generate an activation key                 return the generated activation key             static String generateActivationKey             return generate false  true                         Generate a reset key                 return the generated reset key             static String generateResetKey             return generate false  true              static String generate boolean letters  boolean numbers            int             start                    end      z    1              count   DEF COUNT              gap     end - start          StringBuilder builder   new StringBuilder count            while  count--    0                int codePoint   RANDOM nextInt gap    start               switch  getType codePoint                     case UNASSIGNED                  case PRIVATE USE                  case SURROGATE                      count                        continue                             int numberOfChars   charCount codePoint                if  count    0  amp  amp  numberOfChars  gt  1                    count                    continue                             if  letters  amp  amp  isLetter codePoint                     numbers  amp  amp  isDigit codePoint                      letters  amp  amp   numbers                     builder appendCodePoint codePoint                   if  numberOfChars    2                      count--                            else                 count                      return builder toString

User · Answer

public static String RandomAlphanum int length        String charstring    quot abcdefghijklmnopqrstuvwxyz0123456789 quot       String randalphanum    quot  quot       double randroll      String randchar      for  double i   0  i  lt  length  i                  randroll   Math random            randchar    quot  quot           for  int j   1  j  lt   35  j                          if  randroll  lt    1 0   36 0   j                                 randchar   Character toString charstring charAt j - 1                    break                                  randalphanum    randchar            return randalphanum     I used a very primitive algorithm using Math random    To increase randomness  you can directly implement the util Date class  Nevertheless  it works

User · Answer

An alternative in Java 8 is   static final Random random   new Random       Or SecureRandom static final int startChar    int       static final int endChar    int        static String randomString final int maxLength      final int length   random nextInt maxLength   1     return random ints length  startChar  endChar   1           collect StringBuilder  new  StringBuilder  appendCodePoint  StringBuilder  append           toString

User · Answer

import java util Date  import java util Random   public class RandomGenerator      private static Random random   new Random  new Date    getTime          public static String generateRandomString int length          char   values     a   b   c   d   e   f   g   h   i   j                   k   l   m   n   o   p   q   r   s   t                   u   v   w   x   y   z   0   1   2   3                   4   5   6   7   8   9           String out              for  int i 0 i lt length i                int idx random nextInt values length             out    values idx                 return out

User · Answer

I m using a library from Apache Commons to generate an alphanumeric string  import org apache commons lang3 RandomStringUtils   String keyLength   20  RandomStringUtils randomAlphanumeric keylength    It s fast and simple

User · Answer

Change String characters as per as your requirements   String is immutable  Here StringBuilder append is more efficient than string concatenation     public static String getRandomString int length        final String characters    quot abcdefghijklmnopqrstuvwxyzABCDEFGHIJLMNOPQRSTUVWXYZ1234567890       amp       quot       StringBuilder result   new StringBuilder         while length  gt  0            Random rand   new Random            result append characters charAt rand nextInt characters length               length--            return result toString

User · Answer

You can use the UUID class with its getLeastSignificantBits   message to get 64 bit of random data  and then convert it to a radix 36 number  i e  a string consisting of 0-9 A-Z   Long toString Math abs  UUID randomUUID   getLeastSignificantBits    36     This yields a string up to 13 characters long  We use Math abs   to make sure there isn t a minus sign sneaking in

User · Answer

There are lots of use of StringBuilder in previous answers  I guess it s easy  but it requires a function call per character  growing an array  etc    If using the stringbuilder  a suggestion is to specify the required capacity of the string  i e   new StringBuilder int capacity    Here s a version that doesn t use a StringBuilder or String appending  and no dictionary  public static String randomString int length        SecureRandom random   new SecureRandom        char   chars   new char length       for int i 0  i lt chars length  i                  int v   random nextInt 10   26   26           char c          if  v  lt  10                        c    char   0    v                     else if  v  lt  36                        c    char   a  - 10   v                     else                       c    char   A  - 36   v                     chars i    c            return new String chars

User · Answer

This is easily achievable without any external libraries  1  Cryptographic Pseudo Random Data Generation  PRNG  First you need a cryptographic PRNG  Java has SecureRandom for that and typically uses the best entropy source on the machine  e g   dev random   Read more here  SecureRandom rnd   new SecureRandom    byte   token   new byte byteLength   rnd nextBytes token    Note  SecureRandom is the slowest  but most secure way in Java of generating random bytes  I do however recommend not considering performance here since it usually has no real impact on your application unless you have to generate millions of tokens per second  2  Required Space of Possible Values Next you have to decide  quot how unique quot  your token needs to be  The whole and only point of considering entropy is to make sure that the system can resist brute force attacks  the space of possible values must be so large that any attacker could only try a negligible proportion of the values in non-ludicrous time1  Unique identifiers such as random UUID have 122 bit of entropy  i e   2 122   5 3x10 36  - the chance of collision is  quot        for there to be a one in a billion chance of duplication  103 trillion version 4 UUIDs must be generated2 quot   We will choose 128 bits since it fits exactly into 16 bytes and is seen as highly sufficient for being unique for basically every  but the most extreme  use cases and you don t have to think about duplicates  Here is a simple comparison table of entropy including simple analysis of the birthday problem   For simple requirements  8 or 12 byte length might suffice  but with 16 bytes you are on the  quot safe side quot   And that s basically it  The last thing is to think about encoding so it can be represented as a printable text  read  a String   3  Binary to Text Encoding Typical encodings include   Base64 every character encodes 6 bit  creating a 33  overhead  Fortunately there are standard implementations in Java 8  and Android  With older Java you can use any of the numerous third-party libraries  If you want your tokens to be URL safe use the URL-safe version of RFC4648  which usually is supported by most implementations   Example encoding 16 bytes with padding  XfJhfv3C0P6ag7y9VQxSbw    Base32 every character encodes 5 bit  creating a 40  overhead  This will use A-Z and 2-7  making it reasonably space efficient while being case-insensitive alpha-numeric  There isn t any standard implementation in the JDK  Example encoding 16 bytes without padding  WUPIL5DQTZGMF4D3NX5L7LNFOY  Base16  hexadecimal  every character encodes four bit  requiring two characters per byte  i e   16 bytes create a string of length 32   Therefore hexadecimal is less space efficient than Base32  but it is safe to use in most cases  URL  since it only uses 0-9 and A to F  Example encoding 16 bytes  4fa3dd0f57cb3bf331441ed285b27735  See a Stack  Overflow discussion about converting to hexadecimal here    Additional encodings like Base85 and the exotic Base122 exist with better worse space efficiency  You can create your own encoding  which basically most answers in this thread do   but I would advise against it  if you don t have very specific requirements  See more encoding schemes in the Wikipedia article  4  Summary and Example  Use SecureRandom Use at least 16 bytes  2 128  of possible values Encode according to your requirements  usually hex or base32 if you need it to be alpha-numeric   Don t      use your home brew encoding  better maintainable and readable for others if they see what standard encoding you use instead of weird for loops creating characters at a time      use UUID  it has no guarantees on randomness  you are wasting 6 bits of entropy and have a verbose string representation  Example  Hexadecimal Token Generator public static String generateRandomHexToken int byteLength        SecureRandom secureRandom   new SecureRandom        byte   token   new byte byteLength       secureRandom nextBytes token       return new BigInteger 1  token  toString 16      Hexadecimal encoding      generateRandomHexToken 16  - gt  2189df7475e96aa3982dbeab266497cd  Example  Base64 Token Generator  URL Safe  public static String generateRandomBase64Token int byteLength        SecureRandom secureRandom   new SecureRandom        byte   token   new byte byteLength       secureRandom nextBytes token       return Base64 getUrlEncoder   withoutPadding   encodeToString token     base64 encoding      generateRandomBase64Token 16  - gt  EEcCCAYuUcQk7IuzdaPzrg  Example  Java CLI Tool If you want a ready-to-use CLI tool you may use dice  Example  Related issue - Protect Your Current Ids If you already have an id you can use  e g   a synthetic long in your entity   but don t want to publish the internal value  you can use this library to encrypt it and obfuscate it  https   github com patrickfav id-mask IdMask lt Long gt  idMask   IdMasks forLongIds Config builder key  build     String maskedId   idMask mask id      Example  NPSBolhMyabUBdTyanrbqT8 long originalId   idMask unmask maskedId

User · Answer

public static String getRandomString int length        String randomStr   UUID randomUUID   toString        while randomStr length    lt  length            randomStr    UUID randomUUID   toString              return randomStr substring 0  length

User · Answer

I think this is the smallest solution here  or nearly one of the smallest   public String generateRandomString int length        String randomString    quot  quot        final char   chars    quot ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz01234567890 quot  toCharArray        final Random random   new Random        for  int i   0  i  lt  length  i              randomString   randomString   chars random nextInt chars length               return randomString     The code works just fine  If you are using this method  I recommend you to use more than 10 characters  A collision happens at 5 characters   30362 iterations  This took 9 seconds

User · Answer

You can use the following code  if your password mandatory contains numbers and alphabetic special characters  private static final String NUMBERS    quot 0123456789 quot   private static final String UPPER ALPHABETS    quot ABCDEFGHIJKLMNOPQRSTUVWXYZ quot   private static final String LOWER ALPHABETS    quot abcdefghijklmnopqrstuvwxyz quot   private static final String SPECIALCHARACTERS    quot      amp   quot   private static final int MINLENGTHOFPASSWORD   8   public static String getRandomPassword         StringBuilder password   new StringBuilder        int j   0      for  int i   0  i  lt  MINLENGTHOFPASSWORD  i              password append getRandomPasswordCharacters j            j            if  j    3                j   0                      return password toString       private static String getRandomPasswordCharacters int pos        Random randomNum   new Random        StringBuilder randomChar   new StringBuilder        switch  pos            case 0              randomChar append NUMBERS charAt randomNum nextInt NUMBERS length   - 1                 break          case 1              randomChar append UPPER ALPHABETS charAt randomNum nextInt UPPER ALPHABETS length   - 1                 break          case 2              randomChar append SPECIALCHARACTERS charAt randomNum nextInt SPECIALCHARACTERS length   - 1                 break          case 3              randomChar append LOWER ALPHABETS charAt randomNum nextInt LOWER ALPHABETS length   - 1                 break            return randomChar toString

User · Answer

A short and easy solution  but it uses only lowercase and numerics  Random r   new java util Random     String s   Long toString  r nextLong     amp  Long MAX VALUE  36    The size is about 12 digits to base 36 and can t be improved further  that way  Of course you can append multiple instances

[java] How to generate a random alpha-numeric string

Examples related to java

Examples related to string

Examples related to random

Examples related to alphanumeric