I've been looking for a *simple* Java algorithm to generate a pseudo-random alpha-numeric string. In my situation it would be used as a unique session/key identifier that would "likely" be unique over 500K+ generation (my needs don't really require anything much more sophisticated). Ideally, I would be able to specify a length depending on my uniqueness needs. For example, a generated string of length 12 might look something like `"AEYGF7K0DM1X"`

.

## How to generate a random alpha-numeric string?

Maybe this is helpful

```
package password.generater;
import java.util.Random;
/**
*
* @author dell
*/
public class PasswordGenerater {
/**
* @param args the command line arguments
*/
public static void main(String[] args) {
int length= 11;
System.out.println(generatePswd(length));
// TODO code application logic here
}
static char[] generatePswd(int len){
System.out.println("Your Password ");
String charsCaps="ABCDEFGHIJKLMNOPQRSTUVWXYZ";
String Chars="abcdefghijklmnopqrstuvwxyz";
String nums="0123456789";
String symbols="[email protected]#$%^&*()_+-=.,/';:?><~*/-+";
String passSymbols=charsCaps + Chars + nums +symbols;
Random rnd=new Random();
char[] password=new char[len];
int index=0;
for(int i=0; i<<len;i++){
password[i]=passSymbols.charAt(rnd.nextInt(passSymbols.length()));
}
return password;
}
}
```

Using UUIDs is insecure, because parts of the UUID arn't random at all. The procedure of @erickson is very neat, but does not create strings of the same length. The following snippet should be sufficient:

```
/*
* The random generator used by this class to create random keys.
* In a holder class to defer initialization until needed.
*/
private static class RandomHolder {
static final Random random = new SecureRandom();
public static String randomKey(int length) {
return String.format("%"+length+"s", new BigInteger(length*5/*base 32,2^5*/, random)
.toString(32)).replace('\u0020', '0');
}
}
```

Why choosing `length*5`

. Let's assume the simple case of a random string of length 1, so one random character. To get a random character containing all digits 0-9 and characters a-z, we would need a random number between 0 and 35 to get one of each character. `BigInteger`

provides a constructor to generate a random number, uniformly distributed over the range `0 to (2^numBits - 1)`

. Unfortunately 35 is no number which can be received by 2^numBits - 1. So we have two options: Either go with `2^5-1=31`

or `2^6-1=63`

. If we would choose `2^6`

we would get a lot of "unnecesarry" / "longer" numbers. Therefore `2^5`

is the better option, even if we loose 4 characters (w-z). To now generate a string of a certain length, we can simply use a `2^(length*numBits)-1`

number. The last problem, if we want a string with a certain length, random could generate a small number, so the length is not met, so we have to pad the string to it's required length prepending zeros.

```
static final String AB = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
static SecureRandom rnd = new SecureRandom();
String randomString( int len ){
StringBuilder sb = new StringBuilder( len );
for( int i = 0; i < len; i++ )
sb.append( AB.charAt( rnd.nextInt(AB.length()) ) );
return sb.toString();
}
```