Unicode characters in password allow for less than seven character password #33
Labels
bug
Something isn't working
Comments
|
Yes, I have a precise idea about how to fix that (and it will serve the category failure too!) thanks for your consciencious beta-testing! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Not sure if this really is an issue but by using unicode characters (like 🬃) you can bypass the seven characters requirements in the account creation.
Why ?
It seems that a certain range of unicode characters are encoded in 4 bytes instead of 2. The
passwordtype of the<input>understand characters as their UTF-16 representation (source: MDN documentation) meaning that for the input "🬃" is two character long.I don't think there is an easy fix, it comes from the browser interpretation of unicodes characters. This is more of a trivia than really an issue but I thought it might be useful to keep this information around
The text was updated successfully, but these errors were encountered: