[PATCH] BUG 172567 support non ASCII user name to login in
panweiping3 at gmail.com
Fri Oct 17 06:14:23 BST 2008
Ingo Klöcker 写道:
> On Monday 13 October 2008, Randy Kramer wrote:
>> On Sunday 12 October 2008 11:02 pm, 潘卫平 wrote:
>>> I believe KDE should allow non-ASCII user name to login in
>> This sparked a thought in a slightly different direction--not to
>> advocate security by obscurity, but having usernames and passwords in
>> Unicode (UTF-8 or whatever)--would that make it harder to guess
>> (i.e., brute force) usernames and passwords?
>> I'm not entirely sure myself atm--maybe because they all (that is,
>> all Unicode encodings, if that's the right description) resolve to
>> sequences of bytes, maybe in one sense it doesn't help.
>> On the other hand, if I used say an 8 character password that
>> resolved to 32 bytes (because each of the characters in it is chosen
>> from a non-ASCII subset that resolves to 4 bytes (or even 16/2
>> bytes)), that would seem to make a fairly simple to remember (8
>> character) password harder to brute force.
>> I wonder to what extent current password programs are ready to handle
>> Unicode passwords?
> I would refrain from using non-ASCII characters in passwords. There's no
> gain in using them. A strong argument against the usage of non-ASCII
> characters is that you might not be able to enter the necessary Unicode
> characters on some system you have to use. OTOH, ASCII characters will
> work reliably with any OS with any application.
I agree. But I prefer to display non-ASCII user name for user's convenience.
More information about the kde-core-devel