2

I'm implementing a new user authentication system for my mobile app and was constructing my username rules, i.e. less than 40 characters, alpha-numeric, etc.. when I thought about why I should only limit it to alpha numeric.

I don't have any issues from the application view - they can use emojis and foreign characters for all I care. I've been trying to figure out reasons why I shouldn't allow it but couldn't think of any good reasons other than it might be non-intuitive for users to search by username if it's just an emoji. Are there any other reasons or landmines that I'm overlooking? I'm using GraphCool as my backend-as-a-service.

MonkeyBonkey
  • 46,433
  • 78
  • 254
  • 460
  • Yes surely you can add Emojis. As Emojis, for database are just same as string values. – Mrunmay Deswandikar May 03 '17 at 10:33
  • 1
    This reminds me of [Emojli](https://www.youtube.com/watch?v=iyybPvRsEuY). They share some of their experiences in [this video](https://www.youtube.com/watch?v=GsyhGHUEt-k). I gather from them that it's possible, just that... expect edge cases and be careful to use UTF8 everywhere :-) – Just a student May 03 '17 at 10:33

2 Answers2

0

If it makes it difficult to login in any way - like the user can't access the emoji from certain keyboard then no.

DavidC
  • 1,842
  • 1
  • 18
  • 32
0

Theoretically there is no problem with that. Theoretically unicode works. In practice it managed to crash a lot of ios devices.

That's also good to know: https://security.stackexchange.com/questions/95847/advantages-to-alphanumeric-only-usernames

I would not recommend allowing just any character as a username. You could allow a few selected characters, but allowing any character is probably a security risk.

sknt
  • 963
  • 6
  • 16