How do I properly implement Unicode passwords?

Posted by Sorin Sbarnea on Stack Overflow See other posts from Stack Overflow or by Sorin Sbarnea
Published on 2010-05-09T19:03:31Z Indexed on 2010/05/09 19:08 UTC
Read the original article Hit count: 330

Adding support for Unicode passwords it an important feature that should not be ignored by the developpers.

Still adding support for Unicode in the passwords it's a tricky job because the same text can be encoded in different ways in Unicode and this is not something you may want to prevent people from logging in due to this.

Let's say that you'll store the passwords os UTF-8.

Now the question is how you should normalize the Unicode data?

You had to be sure that you'll be able to compare it. You need to be sure that when the next Unicode standard will be released it will not invalidate your password verification.

Note: still there are some places where Unicode passwords are probably never be used, but this question is not about why or when to use Unicode passwords, is about how to implement them the proper way.

© Stack Overflow or respective owner

Related posts about unicode

Related posts about passwords