What are standards for characters allowed in text fields

What are the typical characters allowed in text fields in a new user sign-up? Are there www standards? Especially interested in Username and Password character types allowed.


I prefer to be able to use alphabetic, numeric, and special characters to create my passwords. I really hate it when sites deny me the use of special characters, particularly !@$*.

Don't restrict password characters. The more characters available, the more secure passwords can be. There's no good reason to forbid spaces, for example, in a password.

For usernames, it depends on where they will be displayed. If you plan to give users there own profile URL, you would want to limit characters much more than if not.

Just don't forget to escape user inputs when you output them again.

What reason would you have to ever deny any characters? You should just allow everything, with the possible exception of the null character. You will have to encode usernames when you print them on your site to avoid cross-site scripting problems, but you probably should do that anyways even if you're filtering the "dangerous" characters just to be safe. Allowing all characters, especially for passwords, greatly increases usability (and security, in the case of passwords). Also, keep in mind that some users may want to input UTF8 characters if they have accents in their names (or if they're using a non-latin alphabet like Chinese or Russian).

Need Your Help

WPF application using CEFSharp Web Browser crashing in clickonce release

c# .net wpf xaml cefsharp

I have a simple WPF application which works fine in debug but when i do a clickonce release its crashing when trying to load the CEFSharp web browser

Extract part of a NSString in Cocoa in an efficient way

objective-c cocoa cocoa-touch

How could I extract a part of an NSString before certain word(s):