
#2803 change the default password generation

KeePass
open
nobody
None
5
2023-02-27
2023-02-26
dave l
No

Change the default password generation from an "or" selection to an "and" selection of the checked subtypes to better allow for basic users.

Discussion

  • Paul

    Paul - 2023-02-27

    How would this work?
    Why is it better than the existing?

    cheers, Paul

     
  • T. Bug Reporter

    T. Bug Reporter - 2023-02-27

    While we all understand the frustration with systems that force users to follow bizarre rules when devising their passwords, I believe the KeePass author deliberately limits support for such schemes in an attempt to discourage their proliferation. In other words, if Site XYZ tells you that you can't use a certain string as your password, your issue is really with XYZ, not KeePass.

    Now it's obvious that these strange policies are intended to discourage users from selecting passwords that are too easy to guess, but I also think that the dangers of this have been long known and laid out plainly, and for those people that still insist on using the same password for everything - the catastrophes waiting to happen - no amount of restrictiveness will get them to change.

    Of course, knowing this doesn't help us responsible Internet citizens when needing to comply with these rules, but KeePass can adapt to most of these rules already, and for those that still need tweaking, it's fairly easy to set the rules as close as possible and then generate dozens or hundreds of passwords using those rules. Once you have such a list, you can examine each candidate, pick whichever satisfies the site's rules best, or even mix and match pieces from several passwords on the list.

    (You may consider this to be an excessively manual process, but changing a password should never become something one does without thinking. I feel that KeePass has largely struck a good balance between automating the process and making sure the user is aware of the consequences of those actions. The main shortcoming in this manual procedure is the possibility of changing a password but failing to record what you ultimately changed it to - but there is a Password Change Assistant plugin to help there, too.)
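The generate-and-filter procedure described in the comment above, as an added example that is not part of the original thread and is not KeePass code: candidates are drawn from the union of the checked character classes (the "or" behaviour) and kept only if every class appears (the "and" behaviour the ticket asks for). The class names, the special-character set and all function names are assumptions made for the illustration.

```python
import secrets
import string
from itertools import combinations

# Character classes standing in for the generator's checked subtypes (assumed set).
CLASSES = {
    "upper": string.ascii_uppercase,
    "lower": string.ascii_lowercase,
    "digit": string.digits,
    "special": "!#$%&*+-=?@_",
}

def candidate(length, classes):
    """'OR' selection: every character drawn uniformly from the union of the classes."""
    pool = "".join(classes.values())
    return "".join(secrets.choice(pool) for _ in range(length))

def satisfies_all(password, classes):
    """'AND' check: at least one character from every class."""
    return all(any(ch in chars for ch in password) for chars in classes.values())

def generate_compliant(length, classes, max_tries=10_000):
    """Rejection sampling: draw 'OR' candidates until one passes the 'AND' check.
    Each compliant password stays equally likely, unlike forcing one character
    per class into fixed positions."""
    if length < len(classes):
        raise ValueError("length is shorter than the number of required classes")
    for _ in range(max_tries):
        pw = candidate(length, classes)
        if satisfies_all(pw, classes):
            return pw
    raise RuntimeError("no compliant candidate found; rules may be too strict")

def acceptance_probability(length, classes):
    """Exact chance that one 'OR' candidate passes, by inclusion-exclusion
    over the (disjoint) classes that could be missing."""
    sizes = [len(c) for c in classes.values()]
    total = sum(sizes)
    p = 0.0
    for k in range(len(sizes) + 1):
        for missing in combinations(sizes, k):
            p += (-1) ** k * ((total - sum(missing)) / total) ** length
    return p

if __name__ == "__main__":
    print(generate_compliant(20, CLASSES))
    print(f"{acceptance_probability(20, CLASSES):.3f} of 20-char candidates pass")
```

The acceptance probability shows how long a candidate list needs to be: for short passwords most "or" candidates miss a class, while for long ones nearly all pass.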

     
