我应该在密码字段中修剪空格吗 [英] Should I trim spaces in a password field

问题描述

想知道.

我们通常在ASP.Net应用程序中以各种形式修剪用户名，这是密码字段的最佳做法.

We usually trim a user name in various forms in our ASP.Net application, whats the best practices for password fields.

即在保存/加密之前，我们应该在密码字段中删除尾随空格吗?

i.e. should we remove a trailing space in a password field before being saved/encrypted?

推荐答案

这取决于

某些用户从某个地方复制密码或填写密码，然后复制并将其粘贴到确认密码"字段中.有时在密码前后会留出额外的空间.当他们甚至没有意识到那里有一个空间时，一个空间也将被加密.

Some users copy their password from somewhere or fill in their password and copy paste it in the Confirm Password field. This sometimes gives a extra space before and after the password. A space will be encrypted as well while they didn't even realize a space was there.

其他用户实际上创建的密码中带有空格.

While other users actually create passwords with spaces in.

完全由您决定密码策略.只需确保对用户非常清楚您的密码策略是什么.不允许通过警告他们是否使用空格来警告他们，或者禁止使用空格来警告他们.

It's totally up to you to decide your password policy. Just make sure it is very clear for the user what your password policy is. Either by alerting them if they used a space or alerting them using a space isn't allowed.

这篇关于我应该在密码字段中修剪空格吗的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！