Should I trim spaces in a password field

security passwords trim
Liam picture Liam · Aug 30, 2011 · Viewed 11.8k times · Source

Just wondering.

We usually trim a user name in various forms in our ASP.Net application, whats the best practices for password fields.

i.e. should we remove a trailing space in a password field before being saved/encrypted?

Answer

onof picture onof · Aug 30, 2011

Leave the password as the user entered it.

You should never change silently a field put by a user, overall a password.

Related questions

encrypt and decrypt md5

I am using code $enrypt=md5($pass) and inserting $encrypt to database. I want to find out a way to decrypt them. I tried using a decrypting software but it says the hash should be of exactly 16 bytes. is there …

Read More
Why is char[] preferred over String for passwords?

In Swing, the password field has a getPassword() (returns char[]) method instead of the usual getText() (returns String) method. Similarly, I have come across a suggestion not to use String to handle passwords. Why does String pose a threat to …

Read More
Generating a random password in php

I am trying to generate a random password in php. However I am getting all 'a's and the return type is of type array and I would like it to be a string. Any ideas on how to correct the …

Read More