StringX CPasswordCharPool::MakePassword() const { // We don't care if the policy is inconsistent e.g. // number of lower case chars > 1 + make pronouceable // The individual routines (normal, hex, pronouceable) will // ignore what they don't need. // Saves an awful amount of bother with setting values to zero and // back as the user changes their minds! ASSERT(m_pwlen > 0); if (m_pronounceable) return MakePronounceable(); StringX password; bool hasalpha, hasdigit; do { hasalpha = !m_uselowercase && !m_useuppercase; // prevent infinite loop hasdigit = !m_usedigits; charT ch; password.assign(_T("")); for (uint i = 0; i < m_pwlen; i++) { ch = GetRandomChar(); password += ch; if (_istalpha(ch)) hasalpha = true; if (_istdigit(ch)) hasdigit = true; } if (m_pwlen <= 4) break; } while(!hasalpha || !hasdigit); ASSERT(password.length() == size_t(m_pwlen)); return password; };