As a response to all the issues I've learned from everyone, my immediate recommendation for my company's current policy is to constrain our passwords to printable ASCII now in order to buy time to learn more about all the issues that you and others have mentioned.
I appreciate all the feedback on the topic. Clearly there are issues to consider, and I'll make an effort to gather up all the issues everyone mentioned for a single, consolidated list. On Fri, Oct 9, 2015 at 10:00 AM <[email protected]> wrote: > > From: Doug Ewell <[email protected]> > To: [email protected] > Cc: Unicode Mailing List <[email protected]> > Date: Thu, 08 Oct 2015 13:09:07 -0700 > Subject: RE: Unicode in passwords > Philippe Verdy wrote: > > > They demand such passwords only for their web services, which are > > accessed by web browsers. Not for booting devices. > > My company enforces all of the password restrictions I listed, as well > as "ASCII only," for access both to individual PCs and to the company > network. > > -- > Doug Ewell | http://ewellic.org | Thornton, CO 🇺🇸 > > >
