script to change hotspot password on weekly basis?

RouterOS General
1

I’ve been asked to come up with a method to change hotspot passwords on a weekly basis.
I’ve been using a script which does this on a monthly basis.
My concern here is that mikrotik’s system clock doesn’t seem to keep track of weeks, so how would I then use that as a variable in my script?
Has anyone else deployed something like this before?
Keep in mind we don’t use user manager or a radius server.
Below is the working script I use currently to change hotspot password monthly.


:local date [/system clock get date]
:local month [:pick $date 0 3]
:local day [:pick $date 4 6]
:local year [:pick $date 7 11]
:if ($month = “jan”) do={
/ip hotspot user set user1 password=“CASS01”;
/sy sche set HotspotCodeChange start-date=(“feb/01/” . $year);}
:if ($month = “feb”) do={
/ip hotspot user set user1 password=“CASS02”;
/sy sche set HotspotCodeChange start-date=(“mar/01/” . $year);}
:if ($month = “mar”) do={
/ip hotspot user set user1 password=“CASS03”;
/sy sche set HotspotCodeChange start-date=(“apr/01/” . $year);}
:if ($month = “apr”) do={
/ip hotspot user set user1 password=“CASS04”;
/sy sche set HotspotCodeChange start-date=(“may/01/” . $year);}
:if ($month = “may”) do={
/ip hotspot user set user1 password=“CASS05”;
/sy sche set HotspotCodeChange start-date=(“jun/01/” . $year);}
:if ($month = “jun”) do={
/ip hotspot user set user1 password=“CASS06”;
/sy sche set HotspotCodeChange start-date=(“jul/01/” . $year);}
:if ($month = “jul”) do={
/ip hotspot user set user1 password=“CASS07”;
/sy sche set HotspotCodeChange start-date=(“aug/01/” . $year);}
:if ($month = “aug”) do={
/ip hotspot user set user1 password=“CASS08”;
/sy sche set HotspotCodeChange start-date=(“sep/01/” . $year);}
:if ($month = “sep”) do={
/ip hotspot user set user1 password=“CASS09”;
/sy sche set HotspotCodeChange start-date=(“oct/01/” . $year);}
:if ($month = “oct”) do={
/ip hotspot user set user1 password=“CASS10”;
/sy sche set HotspotCodeChange start-date=(“nov/01/” . $year);}
:if ($month = “nov”) do={
/ip hotspot user set user1 password=“CASS11”;
/sy sche set HotspotCodeChange start-date=(“dec/01/” . $year);}
:if ($month = “dec”) do={
/ip hotspot user set user1 password=“CASS12”;
:set year ($year + 1);
/sy sche set HotspotCodeChange start-date=(“jan/01/” . $year);}


Please let me know of any possiblities.

Hotspot - forgot password functionality
2

What are you changing the password to? Can it be programatically constructed? I’d just use the built in feature of the scheduler that lets you define a start date (say, next Saturday) and then an interval of 7 days. The script will then run next Saturday, and every subsequent Saturday. Now the only remaining bit is what to set the password to, which you haven’t elaborated on.

3

Well It’ll be CASS then a number referencing what week it is in the year for example
in the first week of January it’d be CASS1 1 indicates week 1 of 52 in a year , second week in January would be CASS2 etc.only the number portion of the password would change to reference what week out of 52 weeks it currently is.
Like my above disclosed script but instead of months it’d be weeks.

4 
:local currentPassword [/ip hotspot user get [/ip hotspot user find name="user1"] password];
:local number [:tonum [:pick $currentPassword 4 6]];
:local newPassword ($number + 1);
:if ($newPassword < 10) do={
  :set newPassword ("0" . $newPassword);
};
:if ($newPassword = 53) do={
  :set newPassword "01";
};
:set newPassword ("CASS" . $newPassword);
/ip hotspot user set [/ip hotspot user find name="user1"] password="$newPassword";

That should work. Schedule to run every Sunday or Monday or whatever. That said, that’s an obvious password scheme.

5

is that really all to the script or do i need to create these lines for each week?
I’m alittle unclear about this line
:if ($newPassword < 10) do={
:set newPassword (“0” . $newPassword);
and what it does.
Also is this script specific to and version ros version or greater?

6

That is the entire script for the entire year. Rather than set the password based on the date it simply retrieves the current password, converts the numerical part to a number, and adds 1 to that number. The “if < 10” part makes sure that a “1” is printed as “01” like in your original passwords: CASS01 vs CASS1. If the number is 53 it wraps back to 1 since it’s a new year. You would set the password once manually to the correct one for that week, and then schedule the script to run on whatever weekday you want it to run with an interval of “7d” = 7 days so that it repeats every week.

I tested it on 4.16. I’m not sure if anything is specific to any versions.

:local currentPassword [/ip hotspot user get [/ip hotspot user find name="user1"] password];
:local number [:tonum [:pick $currentPassword 4 6]];
:local newPassword ($number + 1);
:if ($newPassword < 10) do={
  :set newPassword ("0" . $newPassword);
};
:if ($newPassword = 53) do={
  :set newPassword "01";
};
:set newPassword ("CASS" . $newPassword);
/ip hotspot user set [/ip hotspot user find name="user1"] password="$newPassword";

Here the pseudo code:

get the current password for the account "user1", password is "CASSxx" with xx being a number between 01 and 52
lob off the last two letters and convert them to a number
set a variable newPassword to the old number plus one, at this point the new password is just a number
if the new password is less than 10 
  prepend a 0 so that "1" becomes "01" and "9 becomes "09", but "10" stays "10"
end if
if the new password is 53
  wrap the password around to 1 since the year only has 52 weeks
end if
prepend the letters "CASS" to the new password, so that "01" becomes "CASS01" and "52" becomes "CASS52"
set the new password on the account "user1"
7

Thanks so much Fewi, you are brilliant and most helpful.
I know between the different versions of router os there have been changes to scripting syntax, hence why I ask about version.
We have a lot of routers deployed running ros 2.9 which im concerned this may not work on, these routers are only upgradeable to v 3 I believe, we bought them years ago and my bosses wont replace with newer unless they stop working.

8

I have nothing that runs ROS older than 4.x so I cannot help you with that.

9

An addendum to this.
How could i write a script that will email the new weekly password to our support email address so we can provide it to the customer.
I’m sure it’d be a separate script scheduled to run maybe 10 minutes after the pwchange script runs.
I also believe the beginning of the script would start off much like the script to email a backup file however I’d have to declare the variable for the hotspot pw as a variable to call the variable into the body of the message.
Does this sound correct? If so How would I go about doing that?
If I just added to the password change script at the end since everything executes sequentially would i not have to declare the variable?
Fewi , I did pick up a couple RB 450g’s running ros4.11 to test this on.

10

Nevermind I figured it out below is the modified script with the email function which sends an email.
:local currentPassword [/ip hotspot user get [/ip hotspot user find name=“user1”] password];
:local number [:tonum [:pick $currentPassword 4 6]];
:local newPassword ($number + 1);
:if ($newPassword < 10) do={
:set newPassword (“0” . $newPassword);
};
:if ($newPassword = 53) do={
:set newPassword “01”;
};
:set newPassword (“CASS” . $newPassword);
/ip hotspot user set [/ip hotspot user find name=“user1”] password=“$newPassword”;

/tool e-mail send to=support@anybody.com subject=“XXXXXX New Hotspot Password” body=“$newPassword”

I hope this will help someone looking to do the same, this simplifies trying to keep track of what week it is therefore what the password currently is.

11

Dear ,

If possible script for change password for client in page status …

12

No, that is impossible.