NXP has messed up their password form validation29th June 2023

I've been using a password manager for years now, and from time to time this leads to strange discoveries with password validation. They've ranged from crashing the server to simply ignoring valid passwords. I might write this out as a proper article some time in the future, but my latest discovery has me puzzled as to what is actually going on and I wanted to share it.

 

The discovery was made while signing up for a NXP semiconductors account. As usual I opened my password manager KeePass and added a new entry with a randomly generated password. My defaults for passwords are set rather conservatively since I might have to manually type a password somewhere without automatic input so I have special characters disabled. This is also the group which by far causes the most issues with password validators. So initially it failed on no special characters in my input. Oh well, easy fix, open up the settings, add the special characters group, and regenerate. Hmm, still no special characters?

But that pound sign is in your examples of special characters! Turns out, their list of special characters isn't a list of examples, it is the list of the only allowed special characters... So their character set is letters, numbers, and those specific characters. Any other special character, and the check for special character turns red. And yes, this includes non-english characters. Just for good meassure, here is the same password form, just without the angle bracket:

So yeah, I believe this might be the first time I've had to remove certain characters from my password. Good job NXP...