Here is an example using Commons. It creates an Alphanumeric password between 8 and 20 characters long.
public String getRandomPassword() {
StringBuffer password = new StringBuffer(20);
int next = RandomUtils.nextInt(13) + 8;
password.append(RandomStringUtils.randomAlphanumeric(next));
return password.toString();
}
UPDATE
RandomUtils.nextInt returns a number between 0 (inclusive) and the specified value (exclusive) so to get a value between 8 and 20 characters inclusive, the argument value should be 13. I've corrected the code above.
UPDATE
As noted in a comment below, this could be written without using StringBuffer. Here is a modified one line version:
return RandomStringUtils.randomAlphanumeric(RandomUtils.nextInt(13) + 8);
