A minor detail: A good random character also contains non-alphanumeric characters. On my default azerty keyboard, I can see between 40 and 45 other characters that you haven't included that can be used, not even including any combinations. Fortunately, after you made the changes recommended by TheFailure, this will be trivial to add, 2 lines at most.
forFor reference, these are the signs:
23&|é@"#'([§^è!ç{à})°-_^ ̈]$*ù% ́`£μ,?;.:/=+~<>\
In case it isn't obvious, all these symbols are safe to use in a password, provided the recipient system handles the password properly (i.e. immediately hash it, never store it directly into the database,...)
Assuming you're making the changes from TheFailure, here's how to add them. At first I thought it was an easy addition, but apparently, Java doesn't have verbatim strings, so it gets somewhat trickier:
Add this line to the place where you declare the other character strings:
// Symbols
private static final String SYMBOLS = "\u00b2\u00b3&|\u00e9@\"#\'([\u00a7^\u00e8!\u00e7{\u00e0})\u00b0-_^\u00a8]$*\u00f9%\u00b4`\u00a3\u00b5,?;.:/=+~<>\\";
Then at the place where you concatenated those other strings, add this:
if (useSymbols) characterString += SYMBOLS;
Please note that this is untested. I haven't used Java in years and this might not be the best method. I believe you can also use StringEscapeUtils.EscapeJava(), but that requires you to escape some characters in advance already.
A minor detail: A good random character also contains non-alphanumeric characters. On my default azerty keyboard, I can see between 40 and 45 other characters that you haven't included that can be used, not even including any combinations. Fortunately, after you made the changes recommended by TheFailure, this will be trivial to add, 2 lines at most.
for reference, these are the signs:
23&|é@"#'([§^è!ç{à})°-_^ ̈]$*ù% ́`£μ,?;.:/=+~<>\
In case it isn't obvious, all these symbols are safe to use in a password, provided the recipient system handles the password properly (i.e. immediately hash it, never store it directly into the database,...)
A minor detail: A good random character also contains non-alphanumeric characters. On my default azerty keyboard, I can see between 40 and 45 other characters that you haven't included that can be used, not even including any combinations. Fortunately, after you made the changes recommended by TheFailure, this will be trivial to add, 2 lines at most.
For reference, these are the signs:
23&|é@"#'([§^è!ç{à})°-_^ ̈]$*ù% ́`£μ,?;.:/=+~<>\
In case it isn't obvious, all these symbols are safe to use in a password, provided the recipient system handles the password properly (i.e. immediately hash it, never store it directly into the database,...)
Assuming you're making the changes from TheFailure, here's how to add them. At first I thought it was an easy addition, but apparently, Java doesn't have verbatim strings, so it gets somewhat trickier:
Add this line to the place where you declare the other character strings:
// Symbols
private static final String SYMBOLS = "\u00b2\u00b3&|\u00e9@\"#\'([\u00a7^\u00e8!\u00e7{\u00e0})\u00b0-_^\u00a8]$*\u00f9%\u00b4`\u00a3\u00b5,?;.:/=+~<>\\";
Then at the place where you concatenated those other strings, add this:
if (useSymbols) characterString += SYMBOLS;
Please note that this is untested. I haven't used Java in years and this might not be the best method. I believe you can also use StringEscapeUtils.EscapeJava(), but that requires you to escape some characters in advance already.
A minor detail: A good random character also contains non-alphanumeric characters. On my default azerty keyboard, I can see between 40 and 45 other characters that you haven't included that can be used, not even including any combinations. Fortunately, after you made the changes recommended by TheFailure, this will be trivial to add, 2 lines at most.
for reference, these are the signs:
23&|é@"#'([§^è!ç{à})°-_^ ̈]$*ù% ́`£μ,?;.:/=+~<>\
In case it isn't obvious, all these symbols are safe to use in a password, provided the recipient system handles the password properly (i.e. immediately hash it, never store it directly into the database,...)