• viking@infosec.pub
      link
      fedilink
      English
      arrow-up
      0
      ·
      1 year ago

      Sounds like a crappy implementation of the authentication server then, and the sysadmin deserves a paddlin’ for not stripping non-UTF characters (or making sure they work).

      My problem with using emojis as part of the password would rather be that while I might be able to enter them on my personal Android phone using the exact keyboard app I have installed right now, I might find myself struggling on a desktop computer or any other phone that doesn’t have this exact keyboard installed. After all, the graphical representation of the same emoji might look different there, and there is a chance I couldn’t even recognize it.

      So if anything, I’d say use a non-UTF keyboard like Thai or Chinese, but then a standard character in that specific type. Keyboards layout can be installed across devices and are fully standardized, even if the same character looks slightly different.

      • Username@feddit.de
        link
        fedilink
        English
        arrow-up
        0
        ·
        1 year ago

        Stripping characters from passwords, great idea! Right up there with truncating passwords that are too long.