Question about generating new passwords

[xbjfk]

Hi, I'm trying to generate a password for a website I've never used with gopass before.

While it asks for the length, it doesn't ask for whether I want symbols or not (after printing "Using password rules for [site] ...") how can I clear these rules and generate a password with symbols?
I've tried using generate --force --symbols [entry] but the same message is printed and the --symbols argument is ignored.

[AnomalRoil]

On my side it seems to work just fine with the --symbols flag:

$ gopass generate -p --force --symbols test.com/test
How long should the password be? (q to abort) [24]: 12
✅ Password for entry "test.com/test" generated
⚠ The generated password is:

?tKRO3=AJzMn

$ gopass generate -p --force test.com/test
How long should the password be? (q to abort) [24]: 12
✅ Password for entry "test.com/test" generated
⚠ The generated password is:

Jr6RPqYIuvoE

What are you doing exactly?

[xbjfk]

Hi, sorry that my initial post was confusing.
A while ago I created an account for example.com a while back and did not enable symbols. I don't recall the rest of the options I used.
When I try to generate a new password now, I get the following output:

$ gopass generate -p --force --symbols example.com
Using password rules for example.com ...
How long should the password be? (min: 8, max: 63) (q to abort) [16]: 
✅ Password for entry "example.com" generated
⚠ The generated password is:

weaGIqX0f3l8rW1u

Thanks

[AnomalRoil]

What does gopass version tell you ?

[xbjfk]

$ gopass version
gopass 1.13.1 (2022-02-13 02:02:36) go1.17.5 linux amd64
<root>     -  gpg 2.3.4 - git 2.34.1
Available Crypto Backends: age, gpgcli, plain
Available Storage Backends: fs, gitfs

[AnomalRoil]

My best guess is that you're trying to generate a password for a domain which is included in our list of domains with fancy rules:

gopass/internal/action/generate.go

Lines 163 to 171 in d83fe6e

	func (s *Action) generatePassword(ctx context.Context, c *cli.Context, length, name string) (string, error) {
	if domain, rule := hasPwRuleForSecret(name); domain != "" {
	return s.generatePasswordForRule(ctx, c, length, name, domain, rule)
	}
	symbols := false
	if c.IsSet("symbols") {
	symbols = c.Bool("symbols")
	}

So we match on "hasPwRuleForSecret" before even looking at flags and the rest.

Can you confirm whether the domain is on that list or not, please:
https://raw.githubusercontent.com/apple/password-manager-resources/main/quirks/password-rules.json

[xbjfk]

Thank you, this was it! Sorry for not realising sooner.

[AnomalRoil]

Did you need to bypass the rule or was the rule accurate?

[dominikschulz]

Should we make it more obvious if we apply a canned rule?

[AnomalRoil]

Yeah, I opened #2140 about it :)