Matthew, I've investigated this problem and have the discussion with Vladimir Sharshov about proposed fixes. Since some of passwords may be set by user, it should be done a few dirty hacks in Nailgun to fix this bug (in generators and validators). Moreover, if we made such hacks in validators we'll have to show confusing messages to user like "You can't use this password, because it starts with '0'". That's why hiera solution looks less terrible.
Guys, please give your opinion about this point. If you think I'm wrong I'll make the fix for nailgun.
Matthew, I've investigated this problem and have the discussion with Vladimir Sharshov about proposed fixes. Since some of passwords may be set by user, it should be done a few dirty hacks in Nailgun to fix this bug (in generators and validators). Moreover, if we made such hacks in validators we'll have to show confusing messages to user like "You can't use this password, because it starts with '0'". That's why hiera solution looks less terrible.
Guys, please give your opinion about this point. If you think I'm wrong I'll make the fix for nailgun.