[pass] Provide symbol set as command line argument
Brian Candler
b.candler at pobox.com
Fri Nov 11 12:16:35 CET 2016
On 11/11/2016 11:01, Lenz Weber wrote:
> * If yes, how should it do so?
> * Should it be a command switch,
> * should it be passed as a CHARSET environment varianble (my
> preference)?
or:
* Should it be configurable to use an external password generator (my
preference)?
> Base64 may sometimes be sufficient and sometimes just not satisfy
restrictions imposed by the website
But CHARSET by itself doesn't solve that problem either. CHARSET says
which characters *may* be in the password, but it won't always generate
an acceptable password if the site has additional constraints, e.g.
- minimum of 1 number
- minimum of 1 lower-case character
- minimum of 1 upper-case character
- minimum of 1 symbol
- no more than two consecutive characters the same
- no dictionary words
... etc ad infinitum
(Aside: of course, all those requirements are provably *stupid* when you
are generating a truly random password. They reduce the number of valid
combinations that a given N-character password has, and therefore make
the password easier to brute-force)
But I'm not arguing that base64 should be the only approach supported by
pass (although I would argue it's a strong and reasonable default and
works well for the majority of sites). Rather, I argue that if someone
wants to do something other than pass' default, whatever that default
is, they should be able to launch an external password generator tool.
That will satisfy everyone, regardless of their password preferences.
Regards,
Brian.
More information about the Password-Store
mailing list