Reply to post: Re: Storing passwords in plain text?

For Foxit's sake: PDF editor biz breached, users' passwords among stolen data

dajames Silver badge

Re: Storing passwords in plain text?

A password should be able to hold any Unicode text; after all, once hashed, it's a string of hex digits anyway.

Where passwords are restricted to a limited character set that generally has nothing to do with password security, and a lot to do with the practicalities of entering passwords into a variety of devices that operate with different character sets and/or code pages.

Many years ago, when I was still at University, I thought I was very clever at having selected a "strong" password -- it was pretty strong for the time, it included upper and lower case letters and non-alphabetic characters (I don't remember which) -- and I recommended that my colleagues do the same (if only to stop other students from logging in to our accounts and using our departmental line-printer paper allowance).

Imagine my embarrassment at trying to log in to a Tektronix graphics terminal to get a quick preview of a graph I had generated ... and finding that it didn't support lower-case letters!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021