Minimum number per "type"?

[Garry Garrett]

Okay, so I can set the minimum password length.  I have checkboxes for the types of characters to include (a..z, A..Z, 0..9, !@#...).  The problem is, there's no way to set minimum numbers for these types of characters.

I try to generate a password, and every time it gives me one upper case, one numeric, and one symbol, the rest are all lower case.  If I have an environment where I am required to use say two upper case characters, I can't use this password generator (I can generate a password with it, and change one of the lower case ones for upper case, but that's kind of a pain).  I would think, out of the box, the way that it should work is I get at least one of each one checked, but for the remaining characters the type (upper/lower/numeric/symbol) would be randomly determined.  So maybe one time I get 1 upper, 5 lower, 1 numeric, 1 symbol, but next time I run it, perhaps I get 3 upper, 2 lower, 1 digit, 2 symbol?  If I get a combination that I can't use, due to minimum type requirements, I could just generate another one and hopefully it will pass muster.

What would be even better is if I could specify minimums of each type.  So I could say, for example, that I want 2 upper case and 2 symbol.

The last point I'd like to make is, there are still an awful lot of systems that max out at 8 characters.  If I could set minimums, like say 2 upper case, and say I generate a 16 character password, I'd like those two required upper case to appear in the first 8.  Say I have 2 computers, one of which is limited to 8 characters and the other's limit is something huge, like 256 characters.  Say for a given account, I want to set both servers to "the same" password.  But let's say the 256 character one specifies a minimum of 12 characters.  On the 8 character system, you can type more than 8, but anything longer than 8 gets truncated down to 8.  I could set both to "the same" password, a 16 character password, but on the one system it will be truncated to 8.  If my second upper case password appears after the first 8 characters, my password is going to be accepted on my 256 character server, but it will be rejected by the 8 character one.  The 16 character password gets truncated to 8, and that 8 character password doesn't have two upper case, therefore it is rejected.

Make sense?

Anyway, those are some improvements I'd like to see in AwesomePasswordGenerator

This email message and any attachments may contain confidential, proprietary or non-public information. The information is intended solely for the designated recipient(s). If an addressing or transmission error has misdirected this email, please notify the sender immediately and destroy this email. Any review, dissemination, use or reliance upon this information by unintended recipients is prohibited. Any opinions expressed in this email are those of the author personally.

[__alex]

Hello!

On Thursday, August 21, 2014 9:26:32 PM UTC+4, Garry Garrett wrote:

Okay, so I can set the minimum password length.  I have checkboxes for the types of characters to include (a..z, A..Z, 0..9, !@#...).  The problem is, there's no way to set minimum numbers for these types of characters.

I try to generate a password, and every time it gives me one upper case, one numeric, and one symbol, the rest are all lower case.

 

Only if u checked "Easy to type password" option.

 If I have an environment where I am required to use say two upper case characters

 

OMG, that's new) Never seen such systems! Usually requirements are like "password must include digits, upper and lower cases and special symbols, and minimal length is n symbols", which means, for example, 1 digit is enough.
 

, I can't use this password generator (I can generate a password with it, and change one of the lower case ones for upper case, but that's kind of a pain).  I would think, out of the box, the way that it should work is I get at least one of each one checked, but for the remaining characters the type (upper/lower/numeric/symbol) would be randomly determined.  So maybe one time I get 1 upper, 5 lower, 1 numeric, 1 symbol, but next time I run it, perhaps I get 3 upper, 2 lower, 1 digit, 2 symbol?  If I get a combination that I can't use, due to minimum type requirements, I could just generate another one and hopefully it will pass muster.

What would be even better is if I could specify minimums of each type.  So I could say, for example, that I want 2 upper case and 2 symbol.

The last point I'd like to make is, there are still an awful lot of systems that max out at 8 characters.  If I could set minimums, like say 2 upper case, and say I generate a 16 character password, I'd like those two required upper case to appear in the first 8.  Say I have 2 computers, one of which is limited to 8 characters and the other's limit is something huge, like 256 characters.  Say for a given account, I want to set both servers to "the same" password.  But let's say the 256 character one specifies a minimum of 12 characters.  On the 8 character system, you can type more than 8, but anything longer than 8 gets truncated down to 8.  I could set both to "the same" password, a 16 character password, but on the one system it will be truncated to 8.  If my second upper case password appears after the first 8 characters, my password is going to be accepted on my 256 character server, but it will be rejected by the 8 character one.  The 16 character password gets truncated to 8, and that 8 character password doesn't have two upper case, therefore it is rejected.

Make sense?

Anyway, those are some improvements I'd like to see in AwesomePasswordGenerator

 

Listen, Awesome Password Generator (APG) is flexible, but not that flexible. And wishes like "I want 2 upper case and 2 symbol" or "I'd like those two required upper case to appear in the first 8" looks weird to me. I admit it can be useful to have such options in some cases, but how many users need such complicated things? I think not many. So I don't feel it's wise to add such options in APG.

I beg your pardon, but using "same" password for 8 and 256-chars systems is perversion, you'll just confuse yourself.

What I can recommend are:

1. Uncheck "Easy to type password" option
2. Generate a big file with passwords
3. Use custom script/app to filter this file and leave only passwords that correspond to you needs.

APG has a really good password-generation algorithm, so it's probably a good idea to use it for "big file" generation with following custom filtering, instead of generating passwords in the script. You can even omit a "big file" creation and run APG from your script with appropriate command-line parameters.

Good luck!

[Dave Sarver]

Hi Alex,

First let me commend you on writing such an "awesome" password generator!  I don't know how I lived with out this program before this; I have told all my friends and family about it.  I have it on my task bar and anytime I need a password it is just a click away.  Where every I can I generate 16 character passwords, upper and lower case, numerics, and a limited set of special characters.  Works for me.

In support of Garry's request, I too am seeing more and more websites requiring a minimum number of a specific character, upper case mostly.  I have gotten around this by un-checking the "Easy to Type" option and in some cases re-generating until I get what I need.  You might want to consider adding a minimum number for each character type.  I don't see this requirement going away, in fact I'm seeing become more prevalent.

Thanks again for a great program!

Dave

[__alex]

Thanks for praising)
I can promise I will think about than "minimum number per type" thing, but not necessarily will actually change the software.
Providing links to websites requiring a minimum number of a specific character will be helpful though.

[M. George Kerr]

Synchrony Bank requires a minimum of 2 numbers in the password. Program works great except for sites with these types of requirements.