Password generator - each character must occur at most once

Please add option to generate password with option that each character must occur at most once. It’s feature from KeePass password manager. This feature improve quality of generated password. It could be any checkbox in generator settings.

If you check all the boxes you will get a password that has at least
1 upper case, 1 lower case, 1 number and 1 special character.

Welcome to the forum @wamop87370.

Can you clarify what you are requesting - are you asking that the password generator never uses the same character twice within a password? Why is character generation without replacement superior to character generation with replacement (i.e., may use redundant characters)? There are more potential password combinations with replacement than without.

I’d like to submit idea that password generator never uses the same character more than one time. It will be useful to get the best password with the biggest entopy. This feature is also easy to prepare for devs.

Still not following you. More characters = more potential combinations = greater entropy = more secure password. You have it backwards.

1 Like

hi wamop87370,

I am slightly confused from you calculation that not reusing the characters gives a bigger password entropy .

to expand on dh024’s answer.

If you cannot repeat a character in the password - this reduces the number of possible combinations, as with each additional character there is a smaller ‘pool’ of usable characters to randomly choose from.

If you can repeat a character in the password - this has a much higher number of possible combinations in a password of a given length, as each additional character can be any character from the pool of characters, even ones that were already used. Random repeats of characters do not decrease the quality of the password.

I will try an example to explain this:
if you make a random password that is 26 chars long, and can only be made up of lowercase a-z (26 possible characters), and you cannot repeat a character that is used, then the number of possible combinations is:
26! (26 factorial)
which is 403,291,461,126,605,635,584,000,000 (4.03e26) possible combinations

if you make another random password that is 26 chars long and can only be made of letters from lowercase a-z, but this time you can reuse a character that was already used, then the number of possible combinations is:
26^26
which is 6,156,119,580,207,157,310,796,674,288,400,203,776 (6.16e36) possible combinations.

these are both very large numbers of possible combinations, but if you can reuse characters this creates a password with over 15 billion times more possible combinations than not reusing characters.

being able to reuse characters makes a stronger password with higher entropy, not a weaker one.

4 Likes

I just want to throw in that not being able to reuse characters would also limit the maximum length of passwords to 70 characters instead of the current limit of 128 :Ü™