<![CDATA[Are there any disallowed characters in passwords?]]>With FusionAuth passwords, are there any characters that are verboten? Like ! or " or \ or / ?

]]>https://fusionauth.io/community/forum/topic/190/are-there-any-disallowed-characters-in-passwordsRSS for NodeSun, 14 Jun 2026 19:22:21 GMTFri, 26 Jun 2020 01:20:00 GMT60<![CDATA[Reply to Are there any disallowed characters in passwords? on Mon, 09 Jan 2023 18:31:53 GMT]]>In the UI you can select "Special character" to require at least one special character. If anyone is looking to understand which characters will satisfy this requirement read on.

If you view the tooltip or the API - you’ll see the configuration is actually for non-alpha-numeric.

https://fusionauth.io/docs/v1/tech/apis/tenants#create-a-tenant

tenant.passwordValidationRules.requireNonAlpha
Whether to force the user to use at least one non-alphanumeric character.

So instead of limiting this to a specific set of special characters, we allow it to be any character that is not a unicode alphabetic and not a digit. In this way, we do not artificially limit the entropy of the password by saying you must use one or more characters for a finite set of "special characters" as you may be used to seeing on some login forms.

]]>https://fusionauth.io/community/forum/post/5802https://fusionauth.io/community/forum/post/5802Mon, 09 Jan 2023 18:31:53 GMT<![CDATA[Reply to Are there any disallowed characters in passwords? on Fri, 26 Jun 2020 01:21:58 GMT]]>There are no inherent limitations of password stored in FusionAuth.

You can, however, choose to limit passwords using password rules. You can set these up at the Tenant level; look for the "Password settings" section under the "Password" tab.

]]>https://fusionauth.io/community/forum/post/475https://fusionauth.io/community/forum/post/475Fri, 26 Jun 2020 01:21:58 GMT