// stopping at a minimum of 10 chars.
$length = max( 10, $minLength );
// Multiply by 1.25 to get the number of hex characters we need
- $length = $length * 1.25;
// Generate random hex chars
- $hex = MWCryptRand::generateHex( $length );
+ $hex = MWCryptRand::generateHex( ceil( $length * 1.25 ) );
// Convert from base 16 to base 32 to get a proper password like string
- return Wikimedia\base_convert( $hex, 16, 32 );
+ return substr( Wikimedia\base_convert( $hex, 16, 32, $length ), -$length );
}
/**