Abstract or Summary:
Most modern authentication systems have requirements for passwords beyond just the length. Password managers must be able to generate passwords that both meet these requirements and maintain a maximum level of entropy without causing their users confusion or frustration. Ideally, the generator could select characters completely at random from a set of allowed characters, but this approach will often yield passwords that do not conform to the system’s requirements. I’ll discuss possible solutions to this problem, which solution we chose at 1Password, and the entropy calculation algorithm that made that decision possible.

PasswordResearch.com Note: Video of presentation: https://www.youtube.com/watch?v=3IXx_6a_TPs Project page: https://github.com/1password/spg