Random password

First let me say that this forum is the best!

My latest question is that of how do I create random passwords and email them to individuals when they register on my site.

My form is basic:
<html>
<head>
<title>Registration</title>
</head>
<body>
<form method="POST" action="../in_work/post_user.asp">
<font face="BernhardMod BT" color="#000080">First Name
<input type="text" name="First" size="20" style="font-family: BernhardMod BT; font-size: 10pt; color: #0000FF" tabindex="1"><br>
Last Name
<input type="text" name="Last" size="30" style="font-family: BernhardMod BT; font-size: 10pt; color: #0000FF" tabindex="2"><br>
Email Address
<input type="text" name="Email" size="40" style="font-family: BernhardMod BT; font-size: 10pt; color: #0000FF" tabindex="3"><br>
<br>
User Name
<input type="text" name="user" size="20" style="font-family: BernhardMod BT; font-size: 10pt; color: #0000FF" tabindex="4"><br>
<br>
<input type="submit" value="Submit" name="Submit"><input type="reset" value="Reset" name="Reset"></form>
</font>
</body>
</html>

and the post_user.asp is basic as well:

<%
Dim adoCon                
Dim rsAddUser          
Dim strSQL               
Set adoCon = Server.CreateObject("ADODB.Connection")
adoCon.Open "DRIVER={Microsoft Access Driver (*.mdb)};pwd=****; DBQ=" & Server.MapPath("../*******")
'adoCon.Open "DSN=**********"
Set rsAddUser = Server.CreateObject("ADODB.Recordset")
strSQL = "SELECT tblUsers.First, tblUsers.Last, tblUsers.Email, tblUsers.user FROM tblUsers;"
rsAddUser.CursorType = 2
rsAddUser.LockType = 3
rsAddUser.Open strSQL, adoCon
rsAddUser.AddNew
rsAddUser.Fields("First") = Request.Form("first")
rsAddUser.Fields("Last") = Request.Form("last")
rsAddUser.Fields("Email") = Request.Form("email")
rsAddUser.Fields("user") = Request.Form("user")
rsAddUser.Update
rsAddUser.Close
Set rsAddUser = Nothing
Set adoCon = Nothing
Response.Redirect "../index.htm"
%>

Can anyone tell me s..l..o..w..e..l..y.. what kind of changes I need to make to do what I asked above? I tried an autonumber in my database, but it tells me that I can only have one and it is for the user id. Then I tried just a random number and it comes up with a number about 10 characters long. I would like to randomize letters and numbers that total about 6 characters.

Thanks all that have helped in the past, and to those that will probably help me in the very near future.

There are a bunch of examples on aspin.com for generating passwords. Just search for Random Password and it will give you plenty results.
Ultra, I think it can be useful if you want to email a new password to a users, more like a temp password. Based on the application it might be necessary. My company for example has a site in place where we only allow genereated passwords so no dictionary passwords can be used. It is a FDIC requirement in our case.

My thought behind using random generated passwords was so that each new user would have to enter a "VALID" email address in order to receive and email with their password.  If anyone has any better ideas I am more than happy to listen.

Also, how does one do multiple "not sure what word to put here"?  Example would be for someone to enter info that would be put into a database, emailed to them and emailed to me all from clicking one button.

Thanks for the tip Michael and to you UltraMods and big thanks  for the code example with explanations for each line - that is always a huge help.

The problem with dictionary passwords is easily solved by creating a random string (e.g. a session variable) server side and then using an MD5 algorithm on the client side to hash the password and random sting together. Of course this only applies to initially creating the password clientside and won't protect against keyloggers, but it will protect against network sniffers.

There are several MD5 algorithms available for free out there.

For sending "random" passwords, you can have a dictionary list of passwords, stick it in a dictionary object (memory expensive) and then generate a random number to choose one of them. That gives users a random password that they can remember easily.

Security is a complete farce anyways. There is no security on the internet. Servers can be mostly secured, but individual users are far too easy to hack to even bother with. The best stuff is all commercial and quite expensive.

Ultramods has the best answer up there - I'd go with his suggestions. Using random passwords offers no real security advantage against anyone who knows what they are doing.