Comment on This happen to anyone else?
Armok_the_bunny@lemmy.world 1 day agoAre the passwords being stored in plaintext!? That’s the only reason I can think of why special characters wouldn’t be able to be handled.
Comment on This happen to anyone else?
Armok_the_bunny@lemmy.world 1 day agoAre the passwords being stored in plaintext!? That’s the only reason I can think of why special characters wouldn’t be able to be handled.
bjoern_tantau@swg-empire.de 1 day ago
We had that issue at work with email account passwords that could be entered into a browser in UTF-8 but would be sent by email clients on Windows in whatever the default encoding there was, usually not UTF-8.
The server just blindly pushed the bytes it received into the hashing algorithm. It didn’t have any means of identifying the encoding used either way. We “solved” it by showing a warning about the bug when people logged in and entered a password with non-ASCII characters. Many people used a web-based email client anyways so it wasn’t such a huge issue anyways. We didn’t want to force customers to only use ASCII symbols.