Launchpad doesn't accept non-Ascii characters in passwords
Bug #2729 reported by
René Kabis
This bug report is a duplicate of:
Bug #2496: Launchpad blows up if you try to use non-ascii characters in your password.
Edit
Remove
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Launchpad itself |
Invalid
|
Medium
|
Unassigned |
Bug Description
I am trying to use a strong password. My browser is FireFox with a default charset of UTF-8. When I try to include a "special character" (such as é (e-accent-agu) or æ (ae) or ™ (tm, trademark)), the system claims an error. I rountinely try to create strong passwords, which include characters not normally found on a standard us and/or us-dvorak keyboard. My browser is using utf-8, why won't the server accept special characters in the password? Why reject excellent security in favour of mediocre security?
To post a comment you must log in.
The authentication system used by Launchpad is being used by a number of systems, and more will be added over time. These systems all have different restrictions on what characters are valid. This means that Launchpad needs to ensure that it only accepts passwords that are valid on all these systems. The most restrictive specification is HTTP Basic Authentication whch dictates a subset of US-ASCII, so this is what we have to restrict passwords to.