Come ooonnn!!!

This is the sign that there’s a problem with the system that handles the password. Or that it’s old, because unicode support is standard

No special characters??

Even if someone doesn't want to use special characters, it should certainly be allowed.

If it is just lower and upper characters plus numbers at 6 characters there is just 58^6 possibilities.

But why, aren't you just making more work for yourself as a developer with not accepting special chars.

Because when you hash and salt it, it does not matter right what the input was? Because you store the hash.

Or am I missing something

@MisterArie as long as the special characters are in latin1, there should be no problem.

@Yamakuzure Why would that be. If you hash it, it'll never go outside of the hash's output scope, and most algos will stay Ascii and are valid for latin1; whatever charset you feed the algorithm.... (so, let's up that to utf-8)

what are you talking about, it's still 2004 isn't it ?

@xewl my thoughts were more with transporting the input. (user charset versus Server charset)