The following comment was made in the Android Market: "Works as described, but 
I can't select required parameters like: must be 6-8 characters, contain at 
least 2 letters and 2 numbers."

The length restriction is technically a non-issue; if a minimum and maximum 
length is set by the service you wish to authenticate with, simply set the 
Length Restriction field to the maximum value (in this case, 8) and the 
requirement should be met.

However, there is nothing in Cryptnos to enforce rules for more detailed 
character requirements, aside from the general options listed under Character 
Restrictions. In other words, there is no way to specify "at least 2 letters 
and 2 numbers". For this specific example, it is likely not an issue; Cryptnos 
passwords are Base64-encoded data, so it is statistically unlikely that a 
password will be generated with zero or one of these specific character 
classes. Likewise, Base64 data is mixed case, so it is unlikely that a password 
would be generated with only one case (i.e. all lowercase or all uppercase). 
There are two symbols in Base64 (in our case, the plus sign and forward slash), 
which may statistically be less likely to appear than alphanumerics, but it is 
still unlikely that an 8-character password wouldn't contain at least one.

Still, I look at this comment as a request and I'll treat it as such. This will 
be a complex one, because it would require logic, UI, storage, and 
import/export changes. It would also require changes to Cryptnos for Windows 
for the two apps to remain in sync. I'll have to think about whether or not to 
implement this one, and I'll leave it open for a while for commenting.

This is, of course, easy enough to work around without modifying the 
application. If a specific combination of site token and master password does 
not meet these requirements, slightly changing one or the other will generate a 
vastly different password that probably will. Choosing the most inclusive 
Character Restriction setting ("All generated characters") will ensure the 
greatest likelihood of meeting the requirement. If you feel strongly about the 
site token and master password used, incrementing the Hash Iterations setting 
will generate something new that is also very probable to meet the requirement. 
Since site token, character restrictions, and hash iterations are all saved 
with your parameter data, only changes to the master password require extra 
effort on the part of the user.