This is a most excellent place for technology news and articles.
Emojis are known to break systems in certain circumstances due to the way they're interpreted in certain character sets.
I guarantee people doing this will not only lock out their own accounts, but may even freeze some authentication servers.
https://www.pcmag.com/news/want-to-brick-an-iphone-send-some-emojis
The website should feed your password straight into a well known hashing algorithm or key derivation function that has undergone a decade or more of careful scrutiny, without any other processing. The output will usually be a fixed length base64 or hex string.
There's a short list of about three options that are currently considered acceptable, and a few more are probably fine but are a little too easy to crack these days (e.g. anything that shares the same math as bitcoin... what if someone throws a mining datacentre at your password?)
If the site breaks, maybe you don't to be a customer of that service.
Can you still log in to wellsfargo accounts using the T9 translation of your password?
If some auth server breaks because I put emojis in my password then that's right and deserved
💯🐴🔋(umm, staple)
Correct horse battery staple!
Security expert reveals surprising way to induce headaches
Security experts don't actually have to work on corporate IT systems.
So you've set your password to contain a 😇 have you?
Ok so how are you going to type it on this desktop computer keyboard here…
Yeah I thought not.
I'll just go reset your password shall I?
Terrible idea, good luck logging in on desktop.
You know there's someone somewhere who would answer you with, "what's a desktop?"
No. There's only one piece of advice that should be given to users in 2023 about how to make their passwords stronger:
Use a password manager
Just use 32 character random alphanumeric passwords that are unique for each site (you can do more like 12-16 characters if you'll ever need to enter manually).
This is it. Stop trying to create clever passwords that you can remember. You aren't as uniquely creative as you think and there's been bodies of research into how the various things people do to create passwords that look secure can reduce the generation space so much that they become considerably easier to crack with an intelligent algorithm.
Oh for fuck's sake, just turn on 2FA
Until you get to a prompt that doesn't support unicode.
I'd rather staple my forehead to a telephone pole before I ever think about using an emoji in a password. Those things are abominations!
Out of curiosity, what makes you say so?
Edit: Oh. Did a "Wooosh" happen to me right now? Are you being ironic and referring to the XKCD thing about how to make a secure password using words in phrases?
I think OP is conflating the use of emojis in passwords with the use of emojis by the general public.
Yes, it's annoying to read stuff like "Hi 😃😃😃😃 I am Bob ♥️♥️♥️😎😎😎😎," but that doesn't mean that using them in passwords is a bad idea.
👆
Sounds great where it works but I'm sure most systems would reject an emoji or make you type out some overly complex password in addition to your emoji.
Honestly you'd be surprised how many places it just works magically. I was surprised to find that Office365 users could use emojis in names for Microsoft Teams which had no problem syncing those accounts back to an on-prem Active Directory. You can use emojis to name a whole SQL database, let alone users/passwords on it.
I keep wondering if I need to figure out how to turn that off but it hasn't caused any problems. It's definitely sketchy looking though when you see a bunch of normal usernames and then suddenly one is just ten snowman emojis in a row.
It's all just Unicode so in theory a password system shouldn't think that emoji or any more interesting than any other character. To a computer the letter B and the emoji ✈️ equivalent in that they're both just normal characters that one can type.
Sort of, emoji are usually treated as two or more normal characters so ✈️ might be equivalent to BB. But the basic point is the same.
What's up with all the hate for emojis lmao
People who use them tend to spam the hell out of them. Like, 8 of the same emoji. And they use them every other sentence. It's obnoxious, you only need one or two to get the point across.
💀💀💀💀💀💀💀🗿🗿🗿🗿🗿🗿🗿🚣👍👍👍👍👍👍🔥🔥🔥🔥🔥🔥🔥 sigma
the emojis and text above are a part of the reason
Back in my day we only had 95 printable characters, and that's the way we liked it! /s
Antisocial people.
It was the same on Reddit. All of the people who despised emojis were often posting in really cringe and incel related subs.
My use of emojis sky rocketed after I started dating. They are fun and convey emotion really well.
I'm convinced emojis are what has been missing from language for a long time. They are great way to portray emotions through texts, which otherwise could not be achieved.
This way there is a difference between:
"You are so amazing 😁👍"
and
"You are so amazing 🙄 "
...no
Completely useless from many sources where I have to rely on a keyboard for entering passwords.
As a software developer who has worked with a lot of symbols and emoji... PLEASE DON'T DO THIS.
Software doesn't all handle these symbols the same way, and without tech knowledge (or even with) , it's very possible to not be able to log in easily. I'm kinda drunk rn, but I'll try to explain as simply as I can...
For example... skintone emojis are actually two characters, a face and a skin tone modifier. I think those ones are always two characters but some of these "multi-char" characters can be normalized into a single character. But not everyone handles this the same way. For example, Safari might normalize the emoji, but Firefox might treat it as two separate characters... And this would probably make your password not match. But basically... text has lots of edge cases; I'd advise to use normal passwords please (also maybe a password manager)
Can you write any unicode cahracter? Gotta make passwords in cuneiform
(👁 ͜ʖ👁) 𓂺
-The most secure password
I disagree with them.
white large square ⬜ for example. Emojipedia shows what that emoji looks like on 26 different vendors. Some are pure white, some are shades are grey, and then there's Microsoft who in its usual infinite wisdom decided it should be purple. large yellow square 🟨 is a tossup between actually yellow and orange. This issue is also exacerbated with different displays displaying colours differently. Factors such as color accuracy, viewing angle, brightness affect how you perceive colour.
This also extends to face emojis. grinning face with big eyes (Emojipedia link) isn't that easy to tell apart from grinning eyes (Emojipedia link)
shaking face 🫨. Problem is, Windows' emoji picker Win + . (period) doesn't have it. Trying to login on a friends phone that's still on iOS 15 or Android 12, before shaking face came out? Enjoy manually copy/pasting the emoji from Emojipedia.correct horse battery staple on the other hand looks the same on all devices.
Last week or two I've been learning more about passkeys, and it makes threads like this seem ridiculously out of date. Given the choice between emojis and passwords and hard crypto, I'll take the crypto.
Long time ago a friend of mine used a set of key press to generate a smiley face to put in his bios which ended up in a situation where he was not able to type in the same smiley face into the password prompt. I had to teach him to reset his bios battery to get back into the bios.