Generating Simple Random Passwords from a Given String in PHP

Creating random passwords from a given string can be useful in various scenarios, such as generating temporary passwords for users or creating unique access tokens.

In PHP, you can achieve this by selecting characters from the provided string in a random order.

In this article, we'll demonstrate how to generate simple random passwords from a given string using PHP.

1. The "str_shuffle" Function

PHP provides the str_shuffle function, which shuffles the characters in a string randomly. To generate a random password from a given string, you can use this function.

Here's a simple example:

function generateRandomPassword($sourceString, $length) {
    $randomPassword = substr(str_shuffle($sourceString), 0, $length);
    return $randomPassword;

$sourceCharacters = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
$passwordLength = 12;

$randomPassword = generateRandomPassword($sourceCharacters, $passwordLength);
echo $randomPassword;

In this example:

  1. We define a function generateRandomPassword that takes two parameters: $sourceString and $length. The $sourceString is the pool of characters from which the password will be generated, and $length is the desired length of the password.
  2. Inside the function, we use str_shuffle to shuffle the characters in $sourceString.
  3. We then use substr to extract the first $length characters from the shuffled string, creating the random password.
  4. Finally, the function returns the random password.

2. Custom Function for Control

You can also create a custom function to generate random passwords with more control.

For example, you can enforce certain requirements for the password, such as including at least one uppercase letter and one special character.

Here's a custom function for generating such random passwords:

function generateCustomRandomPassword($length, $includeUppercase = true, $includeSpecialChars = true) {
    $sourceCharacters = 'abcdefghijklmnopqrstuvwxyz';
    if ($includeUppercase) {
        $sourceCharacters .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
    if ($includeSpecialChars) {
        $sourceCharacters .= '!@#$%^&*()_+=-[]{}|;:,.<>?';

    $randomPassword = '';
    for ($i = 0; $i < $length; $i++) {
        $randomPassword .= $sourceCharacters[rand(0, strlen($sourceCharacters) - 1)];

    return $randomPassword;

$passwordLength = 12;
$includeUppercase = true;
$includeSpecialChars = true;

$randomPassword = generateCustomRandomPassword($passwordLength, $includeUppercase, $includeSpecialChars);
echo $randomPassword;

In this custom function:


Generating simple random passwords from a given string in PHP is a practical task that can be useful in many applications. Whether you need a basic random password or want to customize it according to specific requirements, PHP provides the tools to achieve this.

The examples provided demonstrate both a straightforward approach using str_shuffle and a more customized method that allows you to control the character set and additional requirements for your random passwords.