Maybe it's worth warning about random generator entropy

[thomasf]

Generating passwords without using a secure random generator is kind of bad.

Using a non secure random generator and then implying "strong" or "paranoid" is not a match.

You might want to look into the aes.el library which has what you need iirc.

[vandrlexay]

I thought emacs gathers entropy from OS, which already provide a good seed for random. Anyway all more or less secure seed can be obtained only from user input, but I want to keep package from promting any of it. Because when you want to generate password, and password generator asks you for a "password" for password - it is ridiculous. The goal of this package is to reduce user time spended on generating password.

I think for typical users provided random will be totally enough. And those ones who needs really bulletproff passwords will use some special software.

[thomasf]

I was thinking that strong and paranoid kind of suggests a good source, maybe /dev/urandom can be utilized on those operating systems that has it?

[Wilfred]

FWIW, Emacs uses /dev/urandom if available. See the Info page for random, or the source code here: https://github.com/emacs-mirror/emacs/blob/master/src/sysdep.c#L2276-L2310

[Wilfred]

If you want to reseed again, you can do so like this:

(defun random-reseed-securely ()
  "Securely reseed Emacs' random number generator."
  (random (shell-command "cat < /dev/urandom | fold -w32 | head -n1")))