# The Password Forge > Eight random characters - how many combinations exist? Canonical URL: Domain: Python · Difficulty: easy · Seniority: L3 ## Problem Generate an 8-character password containing at least one uppercase letter, one lowercase letter, one digit, and one special character from '!@#$%^&*'. Use only Python's standard library. The test validator checks the password meets all four requirements (the expected_output '__validate__' signals the grader to run structural checks, not equality). ## Worked solution and explanation ### Why this problem exists in real interviews This tests **constraint satisfaction with randomization**. It checks whether candidates can guarantee that all character class requirements are met while still producing a random result, combining `random` module usage with logical structure. --- ### Break down the requirements #### Step 1: Guarantee one character from each required class Pick one random uppercase, one lowercase, one digit, and one special character. This ensures all four classes are represented. #### Step 2: Fill remaining positions randomly Pick the remaining 4 characters from the combined pool of all character classes. #### Step 3: Shuffle the result The guaranteed characters are at fixed positions without shuffling, which would make the pattern predictable. --- ### The solution **Class-guaranteed generation with shuffle** ```python import random import string def generate_password(): upper = string.ascii_uppercase lower = string.ascii_lowercase digits = string.digits specials = '!@#$%^&*' chars = [] chars.append(random.choice(upper)) chars.append(random.choice(lower)) chars.append(random.choice(digits)) chars.append(random.choice(specials)) all_chars = upper + lower + digits + specials for _ in range(4): chars.append(random.choice(all_chars)) random.shuffle(chars) result = ''.join(chars) return result ``` > **Time and Space Complexity** > > **Time:** O(1). The password length is fixed at 8. > > **Space:** O(1). The character pool and result are constant size. > **Interviewers Watch For** > > Do you shuffle after placing the guaranteed characters? Without shuffling, the first four positions always follow the same class pattern, making passwords predictable. > **Common Pitfall** > > Generating 8 random characters from the full pool and hoping all classes are covered. This produces invalid passwords a significant fraction of the time. --- ## Common follow-up questions - How would you make the password length configurable? _(Tests parameterizing the function while maintaining the minimum requirements.)_ - What if you needed cryptographically secure randomness? _(Tests using `secrets` module instead of `random`.)_ - How would you test that generated passwords meet all constraints? _(Tests writing a validation function that checks each character class.)_ ## Related - [All practice problems](https://datadriven.io/problems) - [Mock interview mode](https://datadriven.io/interview/the_password_forge) - [Python Interview Questions](https://datadriven.io/python-interview-questions) - [Data Engineering Interview Prep Guide](https://datadriven.io/data-engineer-interview-prep) - [Daily Challenge](https://datadriven.io/daily) --- Source: DataDriven (https://datadriven.io). 100% free data engineering interview prep. Live code execution against Postgres 16, Python 3.11, and Spark sandboxes. No paywall, no premium tier, no signup gate.