If one does eliminate hard minimums, the user needs a way to understand the strength of the password/phrase being generated.
And perhaps display a warning if the generated pass-thing would be less strong than recommended by some authority (e.g. NIST - 8 printable ASCII characters.)