"The new password is to be chosen as a combination of alphabetics, digits and special characters. It must be eight characters long and contain one of the special printable characters (eg $ - ! : / = _). Normal alphabetic characters are case sensitive ie "a" is not the same as "A". Special characters may not appear at the beginning or end."
While it's almost the exact opposite of [0-9]{4,6}, it's extremely annoying too.
This is fairly secure for usual website password, but the requirements would throw this away:
$ openssl rand -base64 9
TjB3tbYOo1wz
Okay, it's fine when you generate a random password for each site (then store it somewhere), but if you're generating password from some one-side function from a site URI, then you have a problem.
"The new password is to be chosen as a combination of alphabetics, digits and special characters. It must be eight characters long and contain one of the special printable characters (eg $ - ! : / = _). Normal alphabetic characters are case sensitive ie "a" is not the same as "A". Special characters may not appear at the beginning or end."