• jordanlund@lemmy.world
    1 year ago

    Emojis are known to break systems in certain circumstances due to the way they’re interpreted in certain character sets.

    I guarantee people doing this will not only lock out their own accounts, but may even freeze some authentication servers.

    https://www.pcmag.com/news/want-to-brick-an-iphone-send-some-emojis

    https://www.itechpost.com/articles/75762/20170119/brick-iphone-using-emojis-plus-tricks-dont-know.htm

    • abhibeckert@lemmy.world
      1 year ago

      The website should feed your password straight into a well known hashing algorithm or key derivation function that has undergone a decade or more of careful scrutiny, without any other processing. The output will usually be a fixed length base64 or hex string.

      There’s a short list of about three options that are currently considered acceptable, and a few more are probably fine but are a little too easy to crack these days (e.g. anything that shares the same math as bitcoin… what if someone throws a mining datacentre at your password?)

      If the site breaks, maybe you don’t want to be a customer of that service.

    • Kusimulkku@lemm.ee
      1 year ago

      If some auth server breaks because I put emojis in my password then that’s right and deserved

      • Funwayguy@lemmy.world
        1 year ago

        Hahaha, I wish.

        You would be amazed at how ancient and poorly maintained many web servers are on the modern internet. SQL injection still consistently makes the top 3 web app vulnerabilities as of 2021. If that isn’t being sanitized properly I don’t expect emojis would be handled much better.

      • jordanlund@lemmy.world
        1 year ago

        For that particular bug, yes, but there have been many other variations on that theme and not limited to Apple tech. I’ve seen it nuke an email send for example because the SMTP server choked on emojis placed in a subject, to, or from line.

    • Cavemanfreak@lemm.ee
      1 year ago

      All the apps I’ve used recently use QR codes (or similar measures, like a sync code) that have you log in from the phone, so it should work anyway!

      • kratoz29@lemm.ee
        1 year ago

        But not all apps, sadly. I just experienced it with Crunchyroll, and saw my dad struggling with a crappy app called Vix yesterday.

  • kureta@lemmy.ml
    1 year ago

    Security expert reveals surprising way to induce headaches

  • kromem@lemmy.world
    1 year ago

    No. There’s only one piece of advice that should be given to users in 2023 about how to make their passwords stronger:

    Use a password manager

    Just use 32 character random alphanumeric passwords that are unique for each site (you can do more like 12-16 characters if you’ll ever need to enter manually).

    This is it. Stop trying to create clever passwords that you can remember. You aren’t as uniquely creative as you think and there have been bodies of research into how the various things people do to create passwords that look secure can reduce the generation space so much that they become considerably easier to crack with an intelligent algorithm.

    Test your ability to be unpredictable

  • Dizzy Devil Ducky@lemm.ee
    1 year ago

    I’d rather staple my forehead to a telephone pole before I ever think about using an emoji in a password. Those things are abominations!

    • snek_boi@lemmy.ml
      1 year ago

      Out of curiosity, what makes you say so?

      Edit: Oh. Did a “Wooosh” happen to me right now? Are you being ironic and referring to the XKCD thing about how to make a secure password using words in phrases?

      • El Barto@lemmy.world
        1 year ago

        I think OP is conflating the use of emojis in passwords with the use of emojis by the general public.

        Yes, it’s annoying to read stuff like “Hi 😃😃😃😃 I am Bob ♥️♥️♥️😎😎😎😎,” but that doesn’t mean that using them in passwords is a bad idea.

  • BrianTheeBiscuiteer@lemmy.world
    1 year ago

    Sounds great where it works but I’m sure most systems would reject an emoji or make you type out some overly complex password in addition to your emoji.

  • Cosmos7349@lemmy.world
    1 year ago

    As a software developer who has worked with a lot of symbols and emoji… PLEASE DON’T DO THIS.

    Software doesn’t all handle these symbols the same way, and without tech knowledge (or even with), it’s very possible to not be able to log in easily. I’m kinda drunk rn, but I’ll try to explain as simply as I can…

    For example… skintone emojis are actually two characters, a face and a skin tone modifier. I think those ones are always two characters but some of these “multi-char” characters can be normalized into a single character. But not everyone handles this the same way. For example, Safari might normalize the emoji, but Firefox might treat it as two separate characters… And this would probably make your password not match. But basically… text has lots of edge cases; I’d advise to use normal passwords please (also maybe a password manager)
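The mismatch described in the comment above, as an added example that is not part of the original thread: it hashes the password's UTF-8 bytes directly, as an earlier comment suggests, and shows which look-alike inputs Unicode normalization reconciles and which it does not. PBKDF2 from the Python standard library stands in for whatever KDF a site uses; the function names, salt and sample strings are constructed for illustration.

```python
import hashlib
import hmac
import unicodedata

SALT = bytes(16)      # constructed fixed salt so the demo repeats; real systems use a random salt per user
ITERATIONS = 600_000  # assumption: demo work factor for PBKDF2-HMAC-SHA256


def code_points(s: str) -> list[str]:
    """List what the server actually receives, one entry per code point."""
    return [f"U+{ord(ch):04X}" for ch in s]


def derive(password: str, normalize: bool) -> bytes:
    """Run the KDF over the UTF-8 bytes, optionally NFKC-normalizing first."""
    if normalize:
        password = unicodedata.normalize("NFKC", password)
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), SALT, ITERATIONS)


def same_login(enrolled: str, typed: str, normalize: bool) -> bool:
    """True if the typed input would verify against the enrolled password."""
    return hmac.compare_digest(derive(enrolled, normalize), derive(typed, normalize))


# Constructed sample inputs; each pair renders the same, or nearly so, on screen.
PRECOMPOSED = "caf\u00e9"             # é as a single code point
DECOMPOSED = "cafe\u0301"             # e followed by a combining acute accent
HEART_EMOJI = "\u2665\ufe0f"          # heart + variation selector-16 (emoji style)
HEART_TEXT = "\u2665"                 # the same heart without the selector
THUMB_TONED = "\U0001F44D\U0001F3FD"  # thumbs up + skin tone modifier

if __name__ == "__main__":
    for label, s in [("precomposed", PRECOMPOSED), ("decomposed", DECOMPOSED),
                     ("heart emoji", HEART_EMOJI), ("heart text", HEART_TEXT),
                     ("toned thumb", THUMB_TONED)]:
        print(f"{label:12} {code_points(s)}")
    # Raw bytes differ, so the hashes differ and the login fails.
    print("é forms, raw:       ", same_login(PRECOMPOSED, DECOMPOSED, normalize=False))
    # Normalization maps both é forms to one sequence.
    print("é forms, NFKC:      ", same_login(PRECOMPOSED, DECOMPOSED, normalize=True))
    # The variation selector survives normalization, so these still differ.
    print("heart forms, NFKC:  ", same_login(HEART_EMOJI, HEART_TEXT, normalize=True))
```

Normalizing before the KDF has to be done identically at enrollment and at every later login, and it still leaves cases such as the variation selector unresolved.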

    • banneryear1868@lemmy.world
      1 year ago

      Was gonna say… you’re relying on the consistency of external emoji handlers that you don’t control. ASCII emojis are one thing.

        • banneryear1868@lemmy.world
          1 year ago

          It was pretty normal lol. Basically everything between the visual of an emoji and what “text” is entered is not in your control. So it’s great for security but not in practice as a password. What brand was the kombucha I want some.

          • Cosmos7349@lemmy.world
            1 year ago

            I didn’t realize NYC has a physical Juneshine location. So I got a flight… and a Juneshine cocktail…

  • Treczoks@lemm.ee
    1 year ago

    Completely useless from many sources where I have to rely on a keyboard for entering passwords.

  • LCP@lemmy.world
    1 year ago

    I disagree with them.

    1. Emojis do not look the same on all platforms. Let’s take white large square ⬜ for example. Emojipedia shows what that emoji looks like on 26 different vendors. Some are pure white, some are shades of grey, and then there’s Microsoft who in its usual infinite wisdom decided it should be purple. Large yellow square 🟨 is a tossup between actually yellow and orange. This issue is also exacerbated with different displays displaying colours differently. Factors such as color accuracy, viewing angle, brightness affect how you perceive colour.

    This also extends to face emojis. grinning face with big eyes (Emojipedia link) isn’t that easy to tell apart from grinning eyes (Emojipedia link)

    2. Emoji support depends on your device. I’m on Windows 11 22H2 which recently added support for shaking face 🫨. Problem is, Windows’ emoji picker Win + . (period) doesn’t have it. Trying to log in on a friend’s phone that’s still on iOS 15 or Android 12, before shaking face came out? Enjoy manually copy/pasting the emoji from Emojipedia.

    correct horse battery staple on the other hand looks the same on all devices.