My startup project: pwgen.net

So... I'm unlikely to use a website for password generation. Even if everything is done in JS (which from a cursory glance seems to be the case here), that could easily be changed without me knowing it. I think that is a showstopping issue for this app, because any competent administrator will avoid handing out passwords, and nobody wants to read through your sourcecode. You need to seriously rethink the trust issues here.<p>Other than that, please get someone who is a native English speaker to look over your text. I haven't the foggiest idea what some of it means.

The advisability of using this tool has already been discussed so I'll ignore that aspect and critique the tool as is . . .<p>- It isn't clear what's the significance of the master and slave pages. I know you have a paragraph of text on the slave page but I think that needs to be the first thing you see. It's a feature which distinguishes you from many other services. Shout about it.<p>- Your guidelines state that a good password will, "Be seven or fourteen characters long, due to the way in which encryption works. For obvious reasons, fourteen characters are preferable." The default on the form is 8 characters. Try to be internally consistent. My knowledge of encryption is fairly weak, why is 7 or 14 characters best?<p>- Your privacy statement says, "API page only permitted SSL(https) requests." I seem able to access the page using plain http.<p>- What is the significance of "You generate password 50 times in the an hour. Because, we check SPAM requests." The way I'm reading it you only generate 50 sets of password each hour and if more than 50 people come to your site you just serve the same set of passwords again. I doubt this is correct but that's the way I read it.

It is not a challenge to generate strong passwords. It is a challenge to remember them.

Isn't this the second post lately on nice mini-tools which probably can't easily translate into a startup? There is a difference between just a web app and a business, right?

I use some variation on<p><pre><code> tr -dc 'A-Za-z0-9' &#60;/dev/urandom | dd bs=8 count=1 2&#62;/dev/null; echo </code></pre> when I want a quick throw-away password.

This is mini tools. And This application don't keep password. This is source code. I think write with js this app but maybe firefox add-on or iphone plugin etc usable api can require.<p>Source Code: <a href="http://code.google.com/p/pwgen-net/" rel="nofollow">http://code.google.com/p/pwgen-net/</a>

The <i>real</i> security problem relates to social engineering, which this website could quite well be exploiting. Therefore, there is no reason for this. Take your tech skills and move onto something that corresponds to market requirements.

1) Why do I need to enable Javascript to use even the most basic functionality of your website?<p>2) Why would anyone use this? The security implications are obvious and severe.<p>Congrats on building it, though. Certainly a useful exercise.

A firefox plugin might increase my comfort level in using something like this.

I'm not really sure why you'd ever want a website to do this, even client side. There are tools like apg that do exactly this; what does the javascript version offer?

Bookmarked! It's nice to have a generator for passwords.<p>you have a small typo: diffrent should be different<p>Cheers :)

I really don't see the point?

Seems like goodpassword.com.

You need a bookmarklet.