Unicode in passwords
Yoriyuki Yamagata
yoriyuki.yamagata at aist.go.jp
Mon Oct 5 22:57:51 CDT 2015
Dear John,
FYI, IETF is working on this issue. See Internet Draft https://tools.ietf.org/html/draft-ietf-precis-saslprepbis-17 based on PRECIS framework RFC 7564 https://tools.ietf.org/html/rfc7564
Best,
> 2015/10/01 1:33、John O'Conner <jsoconner at gmail.com> のメール:
>
> I'm researching potential problems and best practices for password policies that allow non-Latin-1 Unicode characters. My searching of the unicode.org site showed me a general security considerations document (UTR #36) but nothing specific for password policies using Unicode.
>
> Can you recommend any documents to help me understand potential issues (if any) for password policies and validation methods that allow characters from more "exotic" portions of the Unicode space?
>
> Best regards,
> John O'Conner
>
—
Yoriyuki Yamagata
National Institute of Advanced Science and Technology (AIST), Senior Researcher
http://staff.aist.go.jp/yoriyuki.yamagata/en/
More information about the Unicode
mailing list