Expand Special Character Support in CSuite Password Policy
Problem Statement:
There is currently a technical conflict between our organization’s security tools and the CSuite platform. We enforce the use of Keeper for all staff to generate and store high-entropy passwords. However, CSuite rejects many of the standard special characters generated by these tools (e.g., ^, *, [, {, |).
When Keeper generates a secure password, CSuite frequently returns an error, forcing staff to manually change or delete characters that are not allowed or resort to simpler, less secure passwords. This creates a significant friction point and undermines our security posture.
Proposed Enhancement:
Update the CSuite password validation logic to support the full range of special characters found on a standard ASCII keyboard.
Technical Requirements:
Broaden Character Set: Allow all standard symbols, including: ! @ # $ % ^ & * ( ) _ + - = [ ] { } ; : ' " \ | , . < > / ? ~`
Validation Alignment: Ensure the backend database and application filters are updated to handle these characters securely (e.g., via proper salting/hashing) to prevent injection risks while allowing user flexibility.
Benefit:
Security Compliance: Allows staff to use 100% of the security features in Keeper without manual intervention.
Improved UX: Eliminates the "trial and error" loop staff currently face when setting or changing passwords.
Goal:
To align CSuite’s password policy with industry-standard password managers, ensuring that "strong" passwords generated by our internal tools are accepted without error.
Danny Lynn
shared this idea