Password security

[Guy Harris]

 >>- Certain characters are untypable in passwords:  nul, newline, backspace, 
 >>  and line-kill characters, and possibly ^S, ^Q, and ^M.
 >
 >This is incorrect.  Virtually any character can be used in passwords
 >as well as lognames.  The mechanism which controls this is the stty
 >options in the initial and secondary flags located in the /etc/gettydefs
 >entry currently in effect on the port being accessed.  

Yeah, but most people tend to consider it rude to leave the tty in "raw"
mode once "login" is fired up, so it's generally in cooked mode when the
password is being read in, and thus unless you have a character like the
"literal-next" character, certain characters *are*, in fact, untypable
in passwords, including all the ones listed above.  Yes, Virginia, there
are UNIX systems that don't have "literal-next".

Of course, NUL is typable, even in cooked mode on systems without
"literal-next"; however, since the password is, in general, a C-language
string, NUL is obviously not a valid character in a password....