Username, yes (in fact I reject anything that doesn't match alphanumeric or the underscore) but if you trim a password (or make any other sort of edit) and they used a space (or any other edited character) they'll never be able to log in. You'd have to reject the password instead and get them to try again. In general, every character you allow in a password enhances security by adding to potential complexity of the password.
-----Original Message----- From: dave [mailto:[EMAIL PROTECTED] Sent: Tuesday, 8 March 2005 4:28 To: CF-Talk Subject: RE: cftransaction... it wasnt safe? Personally I have yet too see a system that lets you add spaces in a password. Of all places I would think username and password fields should be one of the first things trimmed. ---------------------------------------- From: James Holmes <[EMAIL PROTECTED]> Sent: Tuesday, March 08, 2005 3:24 AM To: CF-Talk <[email protected]> Subject: RE: cftransaction... it wasnt safe? Another example; spaces can be legitimate at either end of a password. -----Original Message----- From: Micha Schopman [mailto:[EMAIL PROTECTED] Sent: Tuesday, 8 March 2005 4:17 To: CF-Talk Subject: RE: cftransaction... it wasnt safe? You stated you ALWAYS need to use Trim functionality. That is just not true. In essence, I think a developer should keep his claws from the entered content unless absolutely necessary. There are situations where you for example submit a textarea value. If the entered data contained spaces being affected by trim, but were entered on purpose. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:197788 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
