Just tried generating a password during provisioner creation and was greeted with this 32 character unholiness:
unrA%[d(`D0JmwaB)}z];fuJ'AN0U;

reasons this is yucky and awful:

• some of these are escape characters.
• some SQL and financial systems barf on certain characters. :(
• makes a lot of assumptions about the sanity of inputs for automated systems :(
• makes developers in a remote console with limited access to a paste buffer cry.

cool idea to make passwords cool and also neat:

• deprecate passwords.
• the awesome dudes at openwall have a library that generates passphrases
• https://www.openwall.com/passwdqc/
• its got go bindings. yay go!
• its a library supported by security people from name brands like openbsd