Question about passwords

Because of security reasons, passwords have become more complicated. Some are case sensitive, some require numbers, etc.

Why couldn’t you allow non-symbolic characters like a backspace? Or could you?

It is not inherently impossible. In some environments pressing backspace actually does produce a character that you don’t see directly; it just suppresses display of other characters. There is no fundamental law of the universe that says you can’t have invisible characters in your password. As long as you get the same invisible characters in there when you authenticate you’d be golden.

But there are two big problems – not every character IO system treats keys like backspace the same way. Sometimes you get a backspace character. Sometimes whatever you are editing is manipulated directly and characters are actually removed. Sometimes metacharacters are parsed out of your input before whatever application you use sees them, and sometimes the application sees them. To avoid headaches like this invisible characters are prohibited.

Secondly, how would your password input system know when you meant to have a backspace character and when you wanted to get rid of a separate character?

A friend of mine used/uses a non-breaking space in his password. I forget which ascii character it is, but it’s good because most people wouldn’t guess it. It only worked for some passwords IIRC.

Under Unix (and thus under Linux) it’s technically possible to use any ASCII value from 1-126 as a password character. However, it isn’t necessarily a good idea to use non-printing characters if you are going to have to log in from multiple locations, since it might not be possible to reproduce them with some interfaces. In particular, backspace isn’t allowed because you have to be able to backspace (duh).

I have used a non-printing ASCII character with a value as high as 255 in my password.

Alt-255 used to be a popular choice of character included in a dos directory name to keep it from being accessible by others.