The algorithm has an important deficiency. It is probable to generate a string with missing character's category. i.e it may generate string without numbers. So it should make pre-final check to supply at least one character of a missing character's type.
I tested it with password length 18 characters, (I have password Policy module) and it generated two successive time password with out numbers, I worked around this by changing the entropy string to be like the following:
2abcdefghjkmnpoqrstuvwxyz01ABCDEFGHJKLMNPOQRSTUVWXYZ23456789!#$%&()*+,-./:;<=>?@[]^_{|}~
Fixed
1.0
Code
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
Used the method from 2.0.x branch to always generate password with at least one character from each set.
Added genpass.api.php too; the existing hook_password was not present, and this added hook_genpass_character_sets_alter.
Automatically closed - issue fixed for 2 weeks with no activity.