How to Generate Random Password with Custom Special Characters

by Rian

In one of the previous post, I wrote a Python code to generate “type-friendly” version of random passwords, where “type-friendly” meant generating clusters of strings. But touchscreen isn’t the only time I want custom grammar rules from password managers.

Password managers generally have better UI to random passwords for whatever length you choose. The only problem I have had so far is that different websites, services, they don’t share the same “special characters policy”, so to speak. In some apps, it even takes emojis so long as it’s part of unicode, while the others only have spots for few designated special characters.

In total, there are two problems: one. “truly random” password are actually against the policies, two. special characters defined by password managers might be different from what the policies want. For example, most policies are written out to use all four combinations: uppercase, lowercase, digits, and special characters. But a truly random password, generated from password manager, may not include one of them. It was “random”, but not what the said policy wants. Same goes with the special characters. It wants special characters, but often it only support few specific sets of characters.

Here we have yet another Python code. As usual, the code can be run on any platform, including PCs, Macs, and smartphones. There are two variables you could work with: set_length, to control the length of the password, and special_character_permitted, to define what special characters will be used. The code will have at least one characters from each set (e.g. one from uppercase, one from lowercase, and etc.).

# !/usr/bin/env python3
	
import secrets
import string

set_length = 16
special_character_permitted = ['!','@','#','$', '^', '&']

special_character_permitted = ''.join(str(i) for i in special_character_permitted)
string_mix = [string.ascii_lowercase, 
	string.ascii_uppercase, 
	string.digits, 
	special_character_permitted]

pattern = [None for i in range(set_length)]

for idx in string_mix:
	while True:
		fidx = secrets.randbelow(set_length)
		if pattern[fidx] is None:
			pattern[fidx] = secrets.choice(idx)
			break

string_mix = string.ascii_letters + string.digits + special_character_permitted
for idx in range(set_length):
	if pattern[idx] is None:
		pattern[idx] = secrets.choice(string_mix)

print(*pattern, sep='')

I do feel like password managers should support some level of grammar customizations. Although it might be less secure, if the service provider is unwilling to update the system, the users have to cope with it; and I expect the password managers to provide most suitable solution in such circumstances. It’s one thing to point out they need to update, but another to tell users to avoid using them —sometimes, we just don’t get a say in the matter.