Suggestion: expand the range of "special characters" and mix them into the strong passwords randomly

[bradtchapman]

I use Apple's password generator fairly often, and when tied with my iCloud Keychain it does a great job.

Recently, I ran into an issue entering a strong password in a vendor's SaaS application that kept rejecting every strong password I made.

This vendor's password field required 15 characters, including a mixture of upper + lower case, numbers, and "special characters." It wasn't until I finally added an exclamation mark at the end of the password that it was magically accepted.

I opened a case with this vendor, and they have filed an internal Product Issue to get it fixed ASAP since this is new behavior (in beta) and will obviously confuse and infuriate some customers if it makes it into the release, especially when said customers depend on Apple's robust password generator.

That said, it probably won't be the last website I encounter that requires some "other" special characters.

It would be great if Apple added some options to randomly add other special characters in the password beyond hyphens. Please avoid characters that could cause issues on other platforms—the dollar sign or asterisk—or wreak havoc with improperly sanitized input fields—semicolons or parentheses—or where the webmaster has tried to be clever and outsmart the potential exploits of a mom (xkcd.com #327)

[jasontenpenny]

I ran into a similar issue when setting up an account at usmobile.com. It wasn't registering the hyphen as a special character, and that was the only special character Apple Passwords was putting in. So I had to manually add ! to the end.