Launchpad doesn't accept non-Ascii characters in passwords

Bug #2729 reported by René Kabis on 2005-09-30
4
Affects Status Importance Assigned to Milestone
Launchpad itself
Medium
Unassigned

Bug Description

I am trying to use a strong password. My browser is FireFox with a default charset of UTF-8. When I try to include a "special character" (such as é (e-accent-agu) or æ (ae) or ™ (tm, trademark)), the system claims an error. I rountinely try to create strong passwords, which include characters not normally found on a standard us and/or us-dvorak keyboard. My browser is using utf-8, why won't the server accept special characters in the password? Why reject excellent security in favour of mediocre security?

Stuart Bishop (stub) wrote :

The authentication system used by Launchpad is being used by a number of systems, and more will be added over time. These systems all have different restrictions on what characters are valid. This means that Launchpad needs to ensure that it only accepts passwords that are valid on all these systems. The most restrictive specification is HTTP Basic Authentication whch dictates a subset of US-ASCII, so this is what we have to restrict passwords to.

Changed in launchpad:
status: New → Rejected
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers