voss.rob

Ridiculous password limitations?

Why do you limit what I can put in my password? I would like to make an incredibly secure password using things like #!@&^) etc. but you won't allow me to. You shouldn't limit users to only using numbers and letters as that increases the chance of people using insecure passwords. Just allow the user to put in what they want and then hash it/encrypt it etc.

  • The character set we enable is more than adequate for producing secure passwords. Adding a few more special chars won't make the password significantly more secure. To achieve a secure password we recommend using at least 10 characters in the password and selecting the characters randomly.

    In addition, one of the most severe security risks is using the same password in many different places. For example, if you use a password with lots of random characters for both your email, Facebook, Twitter, and bank account, then once one of them is compromised they are all as good as compromised.
    Because of this having different password restrictions on different sites shouldn't matter if you care about security, since you're going to create a different password for each site anyway.

    Finally I'll explain why we don't enable some special characters in our passwords. Since MeCanto provides access from many different locations (web, mobile phones, tablets, etc.) on many different platforms it is important to us that users on different platforms can easily enter their passwords. We limited our password field to a set of the most common 65 characters which are available on all devices.

    btw: a 10 character password made out of 65 random chars produces a password strength of 60 bits. Compared to a 65-bit password produced when adding ALL the special chars. This isn't such a significant difference, and for human-generated passwords the difference is much, much less, since even when special chars are allowed only one or two are used in the password.

    I hope I helped you understand our decision here. I'd really like to hear more specifically why you're interested in adding these chars. This will help us understand your request.
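
The entropy figures in the reply above, worked through as an added example that is not part of the original thread or MeCanto's code. The thread does not list the 65 characters, so `ALPHABET_65` is a constructed set, and "all the special chars" is assumed to mean the 95 printable ASCII characters.

```python
import math
import secrets
import string

# Assumption: constructed 65-character set (62 alphanumerics + 3 symbols).
ALPHABET_65 = string.ascii_letters + string.digits + "-_."
# Assumption: "all special chars" = the 95 printable ASCII characters.
PRINTABLE_ASCII_SIZE = 95


def entropy_bits(alphabet_size: int, length: int) -> float:
    """Entropy of a password whose characters are drawn uniformly at random."""
    return length * math.log2(alphabet_size)


def min_length(alphabet_size: int, target_bits: float) -> int:
    """Shortest uniformly random password over the alphabet reaching target_bits."""
    return math.ceil(target_bits / math.log2(alphabet_size))


def generate(length: int = 10, alphabet: str = ALPHABET_65) -> str:
    """Draw each character independently from the OS CSPRNG."""
    if len(set(alphabet)) != len(alphabet):
        # Duplicates skew the distribution, so the entropy figure would be overstated.
        raise ValueError("alphabet contains duplicate characters")
    return "".join(secrets.choice(alphabet) for _ in range(length))


if __name__ == "__main__":
    restricted = entropy_bits(len(ALPHABET_65), 10)
    full = entropy_bits(PRINTABLE_ASCII_SIZE, 10)
    print(f"10 chars from 65: {restricted:.1f} bits")
    print(f"10 chars from 95: {full:.1f} bits")
    # Length over the 65-char set that matches 10 chars of printable ASCII.
    print("equivalent length over 65 chars:", min_length(len(ALPHABET_65), full))
    print("sample:", generate())
```

These figures hold only for characters chosen uniformly at random; a human-chosen password has far less entropy than the formula gives.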