Eric,
I've just installed bet 0.62. Here is my take after expermenting briefy:
1. User Interface
The UI works and had I not seen the previous version I'd probably say it's good. However... I very much prefer the way it was in 0.60. The need to click an extra button (Account Settings) and the lack of "live" password, make the current UI a bit less sleek IMO.
My guess is that you knew all that, but you had to change the UI in order to work around the bug I described in a previous post (settings copied between accounts). If that is indeed the case, then of course I'll just have to live with it - and once again the current UI isn't bad, just somwhat less convenient.
2. Character range option
First of all - Great! I know I may be nit picking, but it still doesn't solve the problem with on-line banking sites. Some of them require the password to start with a letter and/or require (at periodic password change) that a password won't contain the same character in the same position as in a previous password. I would like to suggest two ideas that may help against such sites as well:
* Prepend counter to generated password - This way I can use an alphanumeric counter (A, B, C, D, ...), and have a unique password which always begins with a character.
* Provide alternate character range - Add another character range, and use the counter to switch between them. For example use the last bit of the last char in the counter, as a toggle: 0 = first character range, 1 = second character range. This way I can ensure that on each increment of the counter the range will toggle.
* Alternative suggestions - Instead of implementing the two above, you may add an option to prepend the counter but NOT use it in the hash (ie. the password remains the same). This way I can use a series of "counters" that always change the positions of the other characters in the password. For example: A[+password], BA[+password], CBA[+password], DCBA[+password], etc.
3. SHA-256 & RIPEMD-160
I read the beta notes that they are currently broken, but maybe this bit will help: Passwords generated with one of those hashes tend to contain many times the fourth character in the range. For example in the default range (0..F) the fourth character is 3 - and the passwords contain many threes. I tested with other character ranges and always the fourth character seems to take over.
HTH,
EZ.