Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
technical question about passwords and special characters
I have login passwords to many websites. I finally broke down and made each one unique and difficult.
Question: Why do some websites disallow special characters ( ! @ # $ % & and etc) and some do not ? I know that a highly obscure bulletin board does not need the same security as a banking website, but other than that, is there some technical reason ? I've also noticed that some special characters on some websites are not allowed.
Trivial question. Short paragraph or a link would be lovely. Thanks.
InfoView thread info, including edit history
TrashPut this thread in your Trash Can (My DU » Trash Can)
BookmarkAdd this thread to your Bookmarks (My DU » Bookmarks)
3 replies, 1941 views
ShareGet links to this post and/or share on social media
AlertAlert this post for a rule violation
PowersThere are no powers you can use on this post
EditCannot edit other people's posts
ReplyReply to this post
EditCannot edit other people's posts
Rec (0)
ReplyReply to this post
3 replies
= new reply since forum marked as read
Highlight:
NoneDon't highlight anything
5 newestHighlight 5 most recent replies
technical question about passwords and special characters (Original Post)
steve2470
Mar 2013
OP
ManiacJoe
(10,136 posts)1. It probably depends on how the passwords are being stored.
For example, many of the special characters have meanings in SQL and other database languages.
ChromeFoundry
(3,270 posts)2. The only reason a website would not allow special characters...
...is simply because their development team sucks.
,./<>?;':"[]{}\|!@#$%^&*()-=_+
Websites "should" actually promote the need for special characters because they are harder to crack.
The underscore (_), percent sign (%) and asterisk (*) characters are commonly used in databases as wildcard characters in queries. Many of the other special characters have special meanings in regular expressions, which are commonly used to validate inputs from web forms before they are submitted to the database. This is mainly to thwart cross-site scripting attacks, but there are better methods to prevent this type of attack.
Any site that does not accept special characters for logon credentials, I would seriously question my willingness to let them have any personally identifiable data because they are most likely storing your password in clear text within their database. Passwords should be stored in a one-way encrypted format. Checking for a valid password would cause the system to encrypt the password entered and compare the result against the stored value (a hash). A match accepts the credentials as authentic.
Other types of characters, such as extended ascii and unicode should also be allowed for passwords. This is very important if the site is to support multiple languages.
steve2470
(37,457 posts)3. thanks for the info guys !
I should have said "some websites allow" but you both understood my meaning.