The minimum length of password generated from the password generator is 5 characters. But I frequently use the password generator to generate PINs, which are typically of 4 digits, by just selecting numbers in the options. It would be helpful if the password generator can allow generating passwords of less than 5 characters [numbers in my case].
Same case with the passphrase generator. The minimum words it can generate is 3. While I use the passphrase generator to generate a word to add as a salt to my self created password. It would be helpful if the passphrase generator can allow generating passphrases of 1 words to use as addition to my password.
I know we can just select part of the generated output to use as needed but then my mind gets confused as to which 4 numbers to select or which word to select. And it should be a very simple task to allow selecting smaller number.
I know reducing the minimum number of characters or words carries the risk that some users will create even shorter passwords. But this seems to punish other users to keep not so knowledgeable users safe [probably].
I agree with your request. I did modify the title to be more clear (old title was: âMinimum length of password generator outputâ; new title: âOption to reduce minimum length of password generator outputâ) .
Thanks for linking that post. My search did not bring up any posts regarding minimum password length from password generator. I would suggest the new limit be kept 1 for both password and passphrase. No point in limiting the use of the software artificially.
Also, the point that it will reduce security is not Bitwardenâs lookout. It is up to the website / application requesting the user to create a password to enforce password complexity requirements.
Enabling this option I can use a random number or symbol as the separator between the words in a passphrase. But for this I need to be able to generate single character random numbers / symbols from the password tab.
Expanding on this, the password generator can have custom field syntax based password generator. So users can define their own custom fields in the password generator and it will allow us to mix and match elements to create custom passwords in desired formats. eg. <1word><2numbers><2symbols> or <8alphabets><2numbers>
To reflect, that passphrases are also meant, I changed your title slightly. (yours was âOption to reduce minimum length of password generator outputâ)
there is a policy to set the lowest settings for generating passwords. Thatâs a nice setting.
But there are services on the web that have (sadly) stupid settings for the passwords like a max length or something like that. It would be cool if users can change the settings for the generator in order to generate valuable passwords.
Hey @matcha, thanks for the feedback, for the odd credential that is weaker than the policy being enforced, you can always use the website version here. A manual entry can be inserted into the password field.
some websites have password limits, the minimum limit that Bitwarden generates will be over the limit. so, please reduce the passphrase words minimum limit to 2
What types of websites were you planning to use such a password for? Can you provide some examples (real or hypothetical)? With a 2-word passphrase, there are only 60 million possibilities, which makes the password very easy to guess. Is there a reason why you canât use a password consisting of a random string of characters instead?
Yes please. I just tried to generate a new password for my Spectrum account. They have a maximum character limit of 20. Everything I generated with BW was over that because of the 3 word minimum. There should either be an option to use â2â words (have it default to 3 each time) or to let me specify the character maximum.
A two-word passphrase is about as secure as a password consisting of 5.5 random lowercase letters.
When faced with a low character limit, you would be better off switching over to the password generator, instead of the passphrase generator.
Fortunately for us Bitwarden users, it generally is not necessary for most of our passwords to be memorable or easy to type, due to the magic of auto-fill.
Thatâs why I also suggested the alternative of being able to specify a character limit. At 20 characters, that could be 3 words if it picked some long and some short words.
And normally I use passwords, but sometimes I need to manually type in a password on a different computer or device and typing words is much easier than random gibberish.
