[PATCH] stop using pwgen
Brian Candler
b.candler at pobox.com
Sun Dec 18 10:31:54 CET 2016
On 17/12/2016 23:22, Antoine Beaupré wrote:
>> base64 turns each group of 3 bytes into 4 characters, so 18 bytes => 24
>> characters
> ah. yes. i was counting the last = sign, sorry.
>
"=" signs are only added if the input isn't a multiple of 3 bytes:
$ echo -n "abc" | base64
YWJj
> > `base64` is not compatible with any password rules that require a
special character.
>
> actually, it is, often. i have observed that base64 will yield a + or /
> sign in about one out of 3 generated passwords.
My experience is also that 16-character base64 passwords are accepted
most of the time, as long as the generated password has a mix of
upper-case/lower-case/digits.
There are some sites which require a special symbol. However I also
recently came across a site which rejected a base64 password because it
did not allow + or / in a password. You can't have one algorithm which
always works :-(
Regards,
Brian.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20161218/a3796929/attachment.html>
More information about the Password-Store
mailing list