I noticed when trying out the little dd example you only give base64 20
bytes, which means it needs to add a padding character (=) to the
output. I don't know if it actually matters but it feels like a slightly
worse password/example of randomness.
Having the block size be a multiple of 3 would solve the issue.