Now, it’s true that if we use this function to generate passwords, the passwords created will be less secure — this function can only create 285 (17 million) different five-character passwords whereas if I had included the missing characters this number would’ve been 365 (60 million). That’s a trade-off you’ll have to accept in return for fewer frustrated users having difficulty logging on to your site, which can be mitigated by forcing users to change their generated password to something chosen by them.

function GenerateRandomString($length) {
	$characters = array('2', '3', '4', '5', '6', '7', '8', '9',
			'a', 'c', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'm', 'p',
			'q', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z');
	$randomString = "";
	while(strlen($randomString) < $length) {
		$randomCharacterIndex = rand(0, count($characters));
		$randomString .= $characters[$randomCharacterIndex];
	}
	return $randomString;
}