[pass] generate passwords natively instead of dependency

[Jonathan D. Proulx]

Having an external dependency for one use may seem like a lot and the
may have been issues with it in the past, but duplicating that effort
is just more places to introduce security bugs and fewer eyes looking
for them.

If you're concerned about pwgen's security work with them to fix it.

That's the right thing IMO, second best is to make it pluggable so I
can choose the right thing :)

-Jon