What characters are allowed for usernames and passwords?
Go to solution
Solved by Eigenvektor,
Ideally, for a password, any character should be allowed. The password itself should then be stored as a salted hash, never as clear text.
The more restrictions you place on password characters, the less secure the password becomes, because someone trying to brute force the password has less characters to go through.
For the username, it really depends on what you're doing with it. Unless a character causes issues for some reason (e.g. part of a URL) then there is absolutely no reason to blacklist any characters as well.
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now