Re: Issues with £ character in passwords

Stefan Paetow Stefan.Paetow at jisc.ac.uk
Wed Feb 11 22:14:43 CET 2015


> In ISO/IEC 8859-1 (latin-1), £ is 0xa3, in UTF8 it's a two byte encoding 0xc2 0xa3. Same issue 
> with § (0xa7) which will become 0xc2 0xa7 in UTF8.

I meant to reply to this earlier. The UTF8 encoding also means that when it is converted to ASCII from its raw byte state, this is the result:

0xc2 0xa7 = £ 

That's why adding the  to the front of the pound sign will make it generate the correct hash for the password.

Unfortunately, in a previous life, we had lots of fun with this on Windows after passwords stored in the registry and in INI files (in ANSI/ASCII format) caused lots of issues when read into a UTF-8 stream without proper conversion (where it was assumed that all the standard ASCII characters when encountered would directly translate to UTF-8, which they of course don't).

:-/

Stefan Paetow
Moonshot Industry & Research Liaison Coordinator

t: +44 (0)1235 822 125
gpg: 0x3FCE5142
xmpp: stefanp at jabber.dev.ja.net
skype: stefan.paetow.janet

jisc.ac.uk

Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill, Bristol, BS2 0JA. T 0203 697 5800.

Jisc Collections and Janet Ltd. is a wholly owned Jisc subsidiary and a company limited by guarantee which is registered in England under Company No. number 2881024, VAT No. GB 197 0632 86. The registered office is: Lumen House, Library Avenue, Harwell, Didcot, Oxfordshire, OX11 0SG. T 01235 822200.





More information about the Freeradius-Users mailing list