Password length

[Fastidious]

A request: add a flag to set the length of the generated password/amount of words/etc.

[peteygao]

For arbitrary characters, capping the length is as simple as: passgen --hex | cut -c 1-$length

Where $length is the number of characters you want in your password.

For words, use the following: passgen --words | cut -d '.' -f 1-$length

Where $length is the number of words you want in your password.

If you need passwords longer than the default length, then concatenate multiple outputs and run cut -c 1-$length on the final output.

[phillid]

peteyago, while that is valid, it's a bit hackish, and would waste processor time if you're, say, generating a batch of passwords less than 64 characters long. Imagine I was creating a batch of 1000 8-character-long passwords. In a perfect world, only 12.5% of the output the program's generated has ended up being useful.

An option on the command line would be nice.

[defuse]

Yeah, I think it should be a command line option. A more useful alternative option might be to specify the entropy that you want, e.g. ./passgen -w --entropy 80 would spit out enough words for it to be 80-bits worth of entropy. In terms of usability we could have:

--high (for all crypto applications)
     128-bits of entropy
--good (where you have good stretching and want better memorability)
     80-bits of entropy
 --low (when there's rate limiting, so you can get away with a more memorable password)
     50-bits of entropy

I think there should be a --length argument regardless, since some sites have specific length restrictions, but having options like the above might be more informative and/or usable.