What default functions should the random password generator provide?

Password Management Tools

After searching, I found that all the password management software I could find could not meet my own requirements. Therefore, I finally made up my mind to write my own password management tools. One of the reasons why I chose to write a password management tool by myself is to quickly generate random passwords.

Of course, the highest priority is to create incredible and complex enough passwords, because I want to manage them through password tools rather than trying to remember them; but for passwords of different purposes, you can select different password policies. Many times, some websites limit the password length and character type, and the length can be much shorter than expected.

Therefore, I need to randomlyPassword generatorThe components are customizable and adjustable. This is a simple part. On the other hand, such a tool should also be very useful when used independently. Not only for me, but also for many people. Therefore, I want to use the random password generator component as a separate tool and release it in the form of open source code. In fact, I plan to do the same for the entire password management tool. This seems simple, and there is nothing special, but it provides at least a slightly different method than other tools I see, it may make some people feel more effective in password management.

Providing configurable options to the public may cause default problems. There are two default problems that need to be considered in my interest. One is the length of the password generation, and the other is the use range of special characters.

Note that I will split the password generator component into a combination library and a command line tool. Therefore, the time it is used independently involves the command line parameters (for example, -l 15 indicates that the password length is 15 characters ).

Default Length

I am considering how to achieve the best random password length function. Therefore, I decided to provide a clear password length and maximum password length. If you select the maximum length, the maximum variable length within the specified range will be selected.

In this case, the problem actually contains two parts:

1. is the default length a variable or a definite length?

2. Should the default length be relatively low or high?

In my opinion, I prefer a definite length of 10 or 20 characters. For a website, the length of 20 characters is too long. The default value may be 10 characters. But on the other hand, the 20 characters will make the password safer, and you can reduce the length by setting the password length. If you have any suggestions, please let me know.

Default character selection

On the one hand, allowing all ASCII characters will greatly improve security compared with increasing the default password length. On the other hand, restrictions on the use of only uppercase and lowercase letters and numbers are almost everywhere. I personally prefer that the program can process all types of characters by default, but not necessarily stick to this option.

What else is the problem?

How do you think of this question? For end users, how do you encourage them to improve their security awareness and choose to use the default settings? How can they prevent tools from getting too complicated and scaring them away? What do you think about your own needs? I hope I can see my comments and suggestions in my message. I cannot guarantee that it meets your requirements, but I promise you will seriously consider it.