Even though the generated passwords are generated in a secure
way, there is a minimal chance, that the same password was used
by someone before and this password was part of a leak.
If you want to be on the safe side, you can now use the "-p"
parameter, to have your newly generated password against the
HIBP (https://haveibeenpwned.com) database. This feature is
disabled by default, since it requires internet access and also
the API call might take ~500ms to 1sec.
The previous behavior was wrong in a way, that default values
like "use lower case" defaulted to true and using the -L param
would not set it to false, but simple keep the true default which
made the parameter useless.
Now all parameters still use the same defaults but setting the
corresponding flag on the CLI will negate the default, so using
-L on the CLI would set "useLowerCase" to false instead of the
default of true.
To address issue #13, the password length behaviour of the
original APG has been reproduced. Previously, when a minLength
of 5 and a maxLength of 10 was given, apg-go se the pwLength to
the preferred maxLength.
With v0.3.1 it will choose a random length between minLength and
maxLength instead, same as the original C-lang apg did. For this
the minLength has been defaulted to a sane value of 12 (instead
of the 8 of the original apg). The default for maxLength stayed
at 20.
Also the default number of generated passwords has been changed
from 1 to 6, to replicate the behaviour of the original apg.
To address issue #13, the password length behaviour of the
original APG has been reproduced. Previously, when a minLength
of 5 and a maxLength of 10 was given, apg-go se the pwLength to
the preferred maxLength.
With v0.3.1 it will choose a random length between minLength and
maxLength instead, same as the original C-lang apg did. For this
the minLength has been defaulted to a sane value of 12 (instead
of the 8 of the original apg). The default for maxLength stayed
at 20.
Also the default number of generated passwords has been changed
from 1 to 6, to replicate the behaviour of the original apg.