Password Generator

[curlydog]

I work in a department that produces encrypted data, which is then used by other departments. The data is password protected, and currently the password is assigned by the producer. Obviously this has problems when the receiver loses the password and contacts the department, but the producer is off work.

I've been tasked with producing a system of producing passwords, whereby anyone in the department can find and give the receiver the password. I've looked at generating random passwords, but this would mean storing the passwords in a database, which I'm trying to avoid.

I'm looking at a asp.net page, on the department's secure web server, which will generate a password based on user input. i know I could user salting and hashing, but this would produce a very long password, which would be eminently forgettable by our non- technical customers.

Everything we produce is associated with a job number. I want the page to take a job number, via a textbox, and then produce a password of 10 character, including at least one capital and 3 special characters. the password must be produced by a repeatable algorithm, so that if the password is lost in the future, anyone in the department can enter the job number and the same password can be produced.

I have seem application that do a similar job in the past. A large organization I know used an application to manage their workstation admin passwords. Essentially putting the host name of the workstation into the application, would produce the password.

Can anyone give me a pointer as to which direction I should be heading in order to achieve my goal.

Many thanks
jason

 

[Dunfiddlin]

I'm sorry? You have a password 'protected' system in which passwords are known by people other than those who set them? And now you want to make it even easier to discover the passwords? You have got to be kidding!!! There's a much simpler, efficient, and equally secure system .... don't use passwords at all! It wouldn't make the slightest bit of difference.

 

[theonebit]

"anyone in the department" you mean your department right?

so say somebody from other department loses the password and you want a system that anybody from your department can resend that password to whomever from the other department is asking? did i get you correct?

the system you are suggesting is that every password generated will be given a specific job number, and the job number is visible to everyone in your department but the password is not, this will make it easy if one clown(im sorry, i was working in this kind of department before, so i cannot hold my self) losses that damn password, anyone from your department can easily resend it without waiting for the producer and have no worries about anyonelse knowing the password. in the life is simple.

though i might be wrong because i dont fully understand the quote below

Everything we produce is associated with a job number. I want the page to take a job number, via a textbox, and then produce a password of 10 character, including at least one capital and 3 special characters. the password must be produced by a repeatable algorithm, so that if the password is lost in the future, anyone in the department can enter the job number and the same password can be produced.