This is the mail archive of the
libc-alpha@sources.redhat.com
mailing list for the glibc project.
Re: Userid/passwords
- To: Neale dot Ferguson at softwareAG-usa dot com
- Subject: Re: Userid/passwords
- From: Markus Kuhn <Markus dot Kuhn at cl dot cam dot ac dot uk>
- Date: Sat, 10 Feb 2001 12:21:40 +0000
- cc: libc-alpha at sources dot redhat dot com
Neale.Ferguson@softwareAG-usa.com wrote on 2001-02-09 11:27 UTC:
> Is there a standard/document that defines the characters that are allowed
> to form a userid or password. Does it vary from locale to locale? What
> of MBCS systems?
It's commonly considered to be a good idea to restrict userids in all
locales to [a-z0-9], because most other ASCII characters have lots of
special semantics associated with them in zillions of software modules.
These characters are available in any locale. Adding further non-ASCII
(!) characters seems only adviseable if you can agree on a single
encoding (preferably UTF-8), but note that people might find these
difficult to enter. The userid has to be entered before the system can
set a locale, therefore multiple locale-dependent encodings for userids
are extremely dangerous and should be considered bad engineering
practice.
Similar problems with non-ASCII characters arise in passwords: Again you
do not know the locale before you have entered the password, so only
ASCII is feasible unless you use a purely-UTF-8 environment.
Markus
--
Markus G. Kuhn, Computer Laboratory, University of Cambridge, UK
Email: mkuhn at acm.org, WWW: <http://www.cl.cam.ac.uk/~mgk25/>