Feature Requests
Share ideas, discuss and vote on requests from other users in community
This object is in archive! 

Password Generator to avoid using certain characters

Ian Chilvers shared this idea 7 years ago
Under Consideration


When a new service is created in WHMCS it automatically generates a password for the service.

Is it possible to tell WHMCS to not use certain characters?

For example capital I and lowercase l

Another example 0 (zero) vs o (lowercase o) vs O (uppercase O)

Because when the password is emailed to the client and with the default font in outlook its impossible to tell the difference between an I and an l. Generating a high number of support tickets and password resets.

Comments (3)


This a great feature request. All password generation within WHMCS needs

to be reviewed. Emailing certain passwords in clear text that the

customer types in during the registration simply upsets customers since

they think it is secured but then we email them the passwords they just

typed in clear text.

If you search the feature requests for

'password generator' you will find a bunch of requests that all merit

and would make WHMCS better.

It would be nice to create our own list of characters since every company might want their own list.


cant believe this only has 8 votes, this should be incredibly easy to implement and will drastically reduce confusion for end users. This is the reason i dont use any of the auto generated passwords to avoid this exact issue (dont forget 1 (one) also can be confused with L and I

i agree characters should be allowed to be set but if its easier just to get rid of the main ones i would be happy with that.



Although I still think this should be a feature within WHMCS, I have a work around.

I created the below function and call it in the preCreate action hooks.

  1. function randomPasswordGenerator($strLength) {

    $availableChars = "abcdefghjklmnpqrstuwxyzABCDEFGHJKLMNPQRSTUWXYZ23456789#!$*^@";

    $tmpStr = "";

    for ($i = 0; $i < $strLength; $i++) {

    $randomNumber = rand(1, strlen($availableChars));

    $tmpStr .= substr($availableChars, $randomNumber, 1);


    return $tmpStr;

Below is an example of a add hook for a module create but you can do user/client create as well

  1. add_hook('PreModuleCreate', 1, function ($params) {

    if ( $params ['params']["moduletype"] == "mytestservice") {

    $command = "updateclientproduct";

    $adminuser = "myAdminUsername"; //Change this to your admin username

    $values["serviceid"] = $params ['params']["serviceid"];

    $values["servicepassword"] = randomPasswordGenerator(10);

    $results = localAPI($command,$values,$adminuser);