Looks like a good design
Doing something like randomly sampling a range of a-zA-Z0-9 and all the symbols without order or structure is absolutely the worse way of doing it for passwords that humans need to type/read, or in fact anything that might get tripped by special characters (like shell scripts, etc)
Yes yes you might lose a bit of entropy, just add one or two characters to it and it will make up for it. Passwords are not so much bruteforced from zero anymore rather than leaked from places with bad password hashes
replies(1):