Password generation
For any selected entry, clicking on the Generate button beneath the password field opens the password generation dialog box. Here you can generate random passwords according to a number of rules. If you just want to generate a password without using it for an entry, the generator can also be displayed via Window > Show Password Generator.
Passwords in MacPass are generated by creating a concatenation of all possible characters and then picking them randomly one by one via a NSString
category to create a password. The random data to create an index for picking is generated using SecRandomCopyBytes
which is considered crypographically secure. See NSData+Random.m and NString+MPPasswordCreation.m
Displays the currently generated password. Clicking the rounded arrow on the right generates a new random password.
The slider and input field allow adjusting the length of the generated password.
This displays the Shannon Entropy of the currently generated password. In simplified terms, this is the base-2-logarithm of the number of all possible such passwords -- 100 bits entropy equals 2^100 possible passwords.
Passwords are generated by creating a concatenation of characters selected in this subsection. In addition to upper (A-Z) and lower (a-z) case letters, you can choose to include numbers (0-9) and a selection of symbols (#!?). In addition you can enter characters into the 'Custom' field that are included in the password randomly.
Checking this box copies the password into the pasteboard when you press Use Password. Consider that if you've set MacPass to automatically clear the pasteboard after a certain time the password will eventually be removed.
Clicking this button stores the currently selected password generation rules as the defaults for the password generation dialogue box. If the current settings are already stored as defaults (either as global or as a per entry defaults), the button will be disabled. After you did change any parameter, the button then gets enabled.
If this is checked, the password generation rules are stored as default only for this entry. This is useful for special policies or services, that require a frequent regeneration of passwords. Once an entry based default has been stored, it can be reset to the global default rules by holding the ⌥ key - this turns the Set Defaults button into a Reset button. This checkbox is only visible, if you've opened the password generator for an entry. It's missing in the stand alone password generator window.