Setting a Password Policy


A password policy describes the rules that are used to create a password - the letters, letter cases, length, and any special characters that are required. Some institutions require only lower case characters while others will demand that an upper case character, number, and special character be used, as well as a specified minimum length. In general, it is a good idea to use the longest allowable length and the largest permitted mix of characters. Please verify the exact password requirements with the entities that require them.

It is now possible to select the default symbol list that will be used in a database via the "Manage → Password Policies..." dialog. In addition, each entry can have its own symbol list specified via the Add or Edit entry dialogs. Note: these symbol lists are not used for either pronounceable or easy-to-read passwords.

The Manage Password Policies dialog allows you to set the global password generation policy as well as Named Password Policies. All of these are saved in the database header and so are specific to that database. The policy can be overridden temporarily, and passwords can be edited manually at any time, in the Edit/View Entry dialog.

Selecting Password Rules

Each "use" item (e.g., use digits, use symbols, etc.) checked in the dialog forces Password Safe to include the specified characters in the passwords it generates. Each password will also be generated to the specified length (no shorter, no longer). The only exception to this is the Use hexadecimal digits only check box. When checked, passwords will include those characters that represent hexadecimal digits only. Selecting this option disables all other check boxes.

Selecting Generate pronounceable passwords will cause Password Safe to generate a "nonsense" word that should be pronounceable, such as "ingstria", "ringsony", etc. This is useful when you need a password that is both secure and relatively easy to remember without Password Safe. Choosing this option with use digits and/or use symbols will enable replacing some letters with their "leet" equivalent, e.g., "E" may be replaced by "3", "S" by "5", etc.

The characters that are added when use symbols is checked are: + - = _ @ # $ % ^ & ; : , . < > / ~ \ [ ] ( ) { } ? ! | unless use only easy-to-read characters is selected as well, in which case the characters are only: + - = _ @ # $ % ^ & < > / ~ \ ?

The letters used when use only easy-to-read characters is checked are: a b c d e f g h i j k m n o p q r s t u v w x y z and A B C D E F G H J K L M N P Q R T U V W X Y, and the digits are limited to 3 4 6 7 8 9.
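The rules above (one character from every checked "use" class, an exact length, "hexadecimal only" overriding the other options, and the reduced letter, digit and symbol lists for easy-to-read passwords) can be modelled in a few lines. The following is an added illustration and is not Password Safe's own generator; the function names and flags are assumed for the example, and pronounceable passwords and "leet" substitution are not modelled.

```python
import secrets
import string

# Character sets exactly as listed on this help page.
SYMBOLS_FULL = "+-=_@#$%^&;:,.<>/~\\[](){}?!|"
SYMBOLS_EASY = "+-=_@#$%^&<>/~\\?"
EASY_LOWER = "abcdefghijkmnopqrstuvwxyz"      # no 'l'
EASY_UPPER = "ABCDEFGHJKLMNPQRTUVWXY"         # no I, O, S, Z
EASY_DIGITS = "346789"                        # no 0, 1, 2, 5

def policy_classes(use_lower=True, use_upper=True, use_digits=True,
                   use_symbols=False, easy_to_read=False, hex_only=False):
    """Return the character classes the policy requires, one string each."""
    if hex_only:  # "Use hexadecimal digits only" disables every other option
        return ["0123456789abcdef"]
    classes = []
    if use_lower:
        classes.append(EASY_LOWER if easy_to_read else string.ascii_lowercase)
    if use_upper:
        classes.append(EASY_UPPER if easy_to_read else string.ascii_uppercase)
    if use_digits:
        classes.append(EASY_DIGITS if easy_to_read else string.digits)
    if use_symbols:
        classes.append(SYMBOLS_EASY if easy_to_read else SYMBOLS_FULL)
    return classes

def generate(length, **policy):
    """Generate a password of exactly `length` containing every required class."""
    classes = policy_classes(**policy)
    if not classes:
        raise ValueError("policy requires at least one character class")
    if length < len(classes):
        raise ValueError("length too short to include every required class")
    chars = [secrets.choice(cls) for cls in classes]        # one of each required class
    alphabet = "".join(classes)
    chars += [secrets.choice(alphabet) for _ in range(length - len(chars))]
    for i in range(len(chars) - 1, 0, -1):                   # Fisher-Yates shuffle using secrets
        j = secrets.randbelow(i + 1)
        chars[i], chars[j] = chars[j], chars[i]
    return "".join(chars)

def complies(password, length, **policy):
    """Check a (possibly hand-edited) password against the same policy."""
    classes = policy_classes(**policy)
    alphabet = set("".join(classes))
    return (len(password) == length
            and all(ch in alphabet for ch in password)
            and all(any(ch in cls for ch in password) for cls in classes))
```

`complies` is useful for checking a manually edited entry, since the dialog lets you override the generated value.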