Password utilities library redux

After some reader feedback and a real-life deployment, I've re-factored the password utilities library to be more functional, easier to use, and more maintainable. This has enabled the following improvements:

  • The ability to define and use any combination of the default and custom character sets when generating passwords. There are six default character sets covering the normal ASCII range. You can define as many custom character sets as you wish, with the caveat that the current code allows passwords to be generated from a maximum of 255 unique characters.
  • The ability to encode all of the hash information needed to verify the associated password at a later stage. This includes the hash algorithm (SHA1-160, SHA2-256, SHA3-512, BCRYPT-192, or SCRYPT-512), the salt/hash encoding format (HEX or BASE64), the work factor (number of hash iterations), the encoded password salt, and the encoded password hash. This information is returned in a printable ASCII string that can be stored in a database or other location.
  • An interactive Windows Forms user interface that demonstrates most of the library's capabilities.
  • Some usability and library interface improvements along with a couple of bug fixes.

So to recap on what the library now offers:

Below is a screenshot of the Windows Form interface that can be used to test most of the library's functionality. Any change to one of the parameters shown is immediately reflected in a new password and/or password salt/hash. 

I've open-sourced the library and an example graphical interface using the permissive MIT license. This code is now stored in a Google Code Mercurial repository. While C# and open source initially look like strange bedfellows, both the .NET Framework and Visual Studio Express are provided for free by Microsoft. I haven't tested this under Mono yet, but it's in the list of things to do, along with implementation of the remaining hash algorithms.