Hello,

as I have updated Composer to version 1.10.5 2020-04-10 11:44:22, I get the following warning now when I run the following command:

composer self-update && composer install --no-dev && composer update --lock

Deprecation Notice: Class Hackzilla\PasswordGenerator\Tests\RandomGenerator\HybridPasswordGeneratorTest 

You can set the number of words, but it would be nice if you could set the minimum length of the words, and the max length of the password.

Or be able to set the max length of the password, and the minimum number of words in it.

Hi! I have a problem with RequirementPasswordGenerator. It generates password with different length on production server with OPcache. I set length = 8, but it sometimes generates password with length 6, 2, etc.

I couldn't find any reason why this happens. On dev environment everything works fine.

Symfony: 3.3.9 PHP 7.1.14-1 with FPM

public function generatePassword(): string
    {
        $this->passwordGenerator
            ->setLength(self::PASS_MIN_LENGTH) // must have a minimum of eight characters,
            ->setOptionValue(RequirementPasswordGenerator::OPTION_NUMBERS, true) // must be composed of numbers...
            ->setMinimumCount(RequirementPasswordGenerator::OPTION_NUMBERS, 1) // ...at least one number...
            ->setOptionValue(RequirementPasswordGenerator::OPTION_SYMBOLS, true) // ...and special characters
            ->setMinimumCount(RequirementPasswordGenerator::OPTION_SYMBOLS, 1)
            ->setOptionValue(RequirementPasswordGenerator::OPTION_UPPER_CASE, true) // at least one upper
            ->setMinimumCount(RequirementPasswordGenerator::OPTION_UPPER_CASE, 1)
            ->setOptionValue(RequirementPasswordGenerator::OPTION_LOWER_CASE, true) // ...and one lower
            ->setMinimumCount(RequirementPasswordGenerator::OPTION_LOWER_CASE, 1);

       // I've written this code to generate pass with required length (FIX)
        do {
            $password = $this->passwordGenerator->generatePassword();
        } while (\strlen($password) !== self::PASS_MIN_LENGTH);

        return $password;
    }

I have a specific requirement where in I can only use certain special characters. Is there anyway to specify what ones will be used when generating a password?

Another odd requirement is my first character must be alphanumeric, but I can do this after with substr.

My password validation needs passwords which contain at least two numbers in the password. I'm using this code:

$generator = new ComputerPasswordGenerator(); $generator ->setOptionValue(ComputerPasswordGenerator::OPTION_UPPER_CASE, true) ->setOptionValue(ComputerPasswordGenerator::OPTION_LOWER_CASE, true) ->setOptionValue(ComputerPasswordGenerator::OPTION_NUMBERS, true) ->setOptionValue(ComputerPasswordGenerator::OPTION_SYMBOLS, true) ->setLength(12); $password = $generator->generatePassword();

Sometimes I get passwords with only one number. Is there an option to define how many of each character classes will be in the password?

use Hackzilla\PasswordGenerator\Generator\ComputerPasswordGenerator;

$generator = new ComputerPasswordGenerator();
$generator->setUppercase(true)->setLowercase(true)->setNumbers(true)->setSymbols(true)->setLength(12)

$password = $generator->generatePasswords(10);
=> [
     "Qk-K4%*n,]%w",
     "kQ7Tzu@AnX9g",
     "%r{?)e5x64$^", // Wrong. Not uppercase
     ")KeT(YkW4q)S",
     "LD5KRnbQ9e/2",
     "Y7Ej{%.D>mv}",
     "e6}f2ERf>eCn",
     "L6!%e<!QSy,2",
     "V[_B@bw4yj/W",
     "M=LJajjm]C!=",
   ]

The problem skipped me when, when using the package in my tests, the validation of the passwords in the generation of password for the creation of users failed me.

Hi I there anyway that you can set that is MUST include one for each of the following

->setUppercase(true) ->setLowercase(true) ->setNumbers(true) ->setSymbols(false)

The most critical part of a password-generator is the source of randomness. The ComputerPasswordGenerator however uses mt_rand which "should not be used for cryptographic purposes" (PHP manual).

Please consider to use a service for the randomness provider and make this service configurable. I'm afraid however that this would break backwards compatibility.

Hi, I cannot add my own symbols, is it possible someway? I tried to defined own option and parameter to it $generator ->setLength(25) ->setOptionValue(RequirementPasswordGenerator::OPTION_UPPER_CASE, true) ->setOptionValue(RequirementPasswordGenerator::OPTION_LOWER_CASE, true) ->setOptionValue(RequirementPasswordGenerator::OPTION_NUMBERS, true) ->setOption($symbols, array('type' => Option::TYPE_BOOLEAN, 'default' => false)) ->setParameter($symbols, '!@#$%^&*?_~-,.+') ->setOptionValue($symbols, true)

but i allways get Hackzilla\PasswordGenerator\Exception\InvalidOptionException. Is there some way to defined it? I need to generate password with specifical symbols. Thanks

The latest composer snapshot throws the following error when trying to generate an optimised autoloader:

Deprecation Notice: Class Hackzilla\PasswordGenerator\Tests\RandomGenerator\HybridPasswordGeneratorTest located in ./vendor/hackzilla/password-generator/Tests/RandomGenerator/NoPasswordGeneratorTest.php does not comply with psr-4 autoloading standard. It will not autoload anymore in Composer v1.11+.

Currently \Hackzilla\PasswordGenerator\Generator\PasswordGeneratorInterface has no document blocks. This confuses any IDE while dealing with chain calls on setOptionValue().

When I have 5 minutes I will do a PR ;)

Per #11, there is now a note about using a better source of randomness if possible, and a "PHP 7" generator which uses the crypto-safe random_int function.

However, if you add a composer dependency for paragonie/random_compat, you can make random_int the default source on all the versions of PHP you support, and that library will automatically polyfill it with the best source available.