Closed dallen4 closed 4 years ago
Those are ignored if you don't use the strict
option.
@dallen4 it's true that the strict
option is needed to ensure those characters are included in the password. While it may be less intuitive, having that as the default results in passwords with slightly more entropy = strength. Perhaps that should be better documented (PRs are welcome!), but I'm going to close this issue otherwise. 🍾
Details
I'm not sure if the boolean values were intended to always include that character type or only most of the time, but I used this library to aid in a temporary password flow and had a number of instances where providing the following options resulted in a password string without a number.
I tried this with multiple other options configurations and found that passing a
numbers
value oftrue
does not in fact guarantee that the generated string will include a numeric value.