Unicode characters in password allow for less than seven character password

[leonard-IMBERT]

Not sure if this really is an issue but by using unicode characters (like 🬃) you can bypass the seven characters requirements in the account creation.

Why ?

It seems that a certain range of unicode characters are encoded in 4 bytes instead of 2. The password type of the <input> understand characters as their UTF-16 representation (source: MDN documentation) meaning that for the input "🬃" is two character long.

I don't think there is an easy fix, it comes from the browser interpretation of unicodes characters. This is more of a trivia than really an issue but I thought it might be useful to keep this information around

[gr-im]

Yes, I have a precise idea about how to fix that (and it will serve the category failure too!) thanks for your consciencious beta-testing!