Unicode in passwords
yoriyuki.yamagata at aist.go.jp
Mon Oct 5 22:57:51 CDT 2015
FYI, IETF is working on this issue. See Internet Draft https://tools.ietf.org/html/draft-ietf-precis-saslprepbis-17 based on PRECIS framework RFC 7564 https://tools.ietf.org/html/rfc7564
> 2015/10/01 1:33、John O'Conner <jsoconner at gmail.com> のメール：
> I'm researching potential problems and best practices for password policies that allow non-Latin-1 Unicode characters. My searching of the unicode.org site showed me a general security considerations document (UTR #36) but nothing specific for password policies using Unicode.
> Can you recommend any documents to help me understand potential issues (if any) for password policies and validation methods that allow characters from more "exotic" portions of the Unicode space?
> Best regards,
> John O'Conner
National Institute of Advanced Science and Technology (AIST), Senior Researcher
More information about the Unicode