this is my first time seeing password limit with symbols.
feels like something is wrong with the way the password is stored.

Only these symbols are supported @ . / # & + -



kindly enlighten me this is ok.

This post has been edited by Skylinestar: Dec 11 2025, 08:02 AM

probably old system or db that dont support parsing fancy symbols

TS should cukur... they didn't say..

alphabet only a,b,c,d,e

numeric only 1,2,3,4,5

Best of luck!

but generally, u don't store plaintext pwd in the db. it should be encrypted, therefore the "fancy symbols" shouldn't even matter bcoz they will be converted to something else

at least that's how it should be

Ok lettew

Some don't even allow symbols

Ez crack

storing password should be hashed not plaintext

15 character ok la

Mebbe tak support foreign lang symbols?

ß, ç, æ

I like !@#$%^&*

few already cannot

why so many restriction

agree.
any expert here can explain why cannot have password with ? character?

I just throw these parameters into chathpt ask it to generate a few password options. Then randomly choose one and save. Let chrome help me autofill after that.

Maybe it is key word in sql

Owait…

normal je , alot also restrict symbols

Alt 255 x 8.

It's hashed, not encrypted. Different thing.

The system is not secure against SQL Injection, easy way is to block it.


Programming Errors/Security Flaws: This is the most common reason. Special characters like single quotes ('), semicolons (, or the exclamation mark (!) can have specific meanings in programming languages or database queries (like SQL). If a developer doesn't properly "sanitize" or handle the input, an attacker could use these characters to run malicious commands (an "injection attack"). The easiest, but poor, solution for a developer is to simply block these characters altogether

usually the old "easy" way to prevent sql injection, emphasis on the "old" part, nowadays there are better ways to sanitize the input without limiting the characters.

Skyl1nest@r will do.

example of popular websites?

This post has been edited by Skylinestar: Dec 11 2025, 01:44 PM

15 character still ok..
i see some limiting to 8 characters. very difficult to make memorable password

RIP
haveibeenpwned.com/passwords

long2 ago lyn here also got maa
ppl play hack terus admin do their job

the name field got restriction? can put like this?



This post has been edited by brkli: Dec 11 2025, 02:12 PM

It's ok, here quite safe one. I've been using @troc10us123 also no problem so far..

inb4, the hashing is using database function during data insertion.. owai...

cant recall exactly but nandos / starbucks macam restricts

this is a teachable moment

before hashing algo is developed, old school devs use encrypt first. now u know

Can set P@ssw0rd which matches all criteria