Password requirements


Yoko
06-02-2020, 07:53 AM
Hi,

I have found an error, basically this: Passwords can contain only alphanumeric characters, dashes, underscores and spaces.

I came across this error when the game told me to update my password, which was caused by, from what I gathered, accounts being hacked.

Normally I would think setting these requirements is the result of poorly storing passwords, but not in the case of TPPC; I trust that these are stored properly. Given that special characters do not interfere with proper storing methods of a password, is there any chance the requirements on passwords can be dropped? Especially when these requirements make sure passwords can be brute-forced much more easily, while having both my hands and feet tied behind my back even.

Does anyone even read this? I'd like to use my main password, which is "sup3r!S#ecur3@@".

wRek
08-03-2020, 11:24 AM
While I can't tell you the requirements will be "dropped" or changed in any way, I can tell you that "brute-forcing" your password on this website requires an attacker to know your encoded password, or hash.

Shrimpy uses a Captcha on the login after multiple failed attempts to log in. This would require any brute-force attack on the login page to additionally decode the image, significantly slowing down the process.

Not to mention, it is a good practice to use different passwords across different platforms. For example, I have "difficulty passwords": some are easy, others are hard; the password I use depends on the "level" of proprietary information I am accessing.

A Pokémon game isn't all that proprietary to me, so it's a simple, yet distinct password.
A subscription service is more so, and so those passwords are more complex.
While for primary tools, such as an email or banking account, I use most of the tricks in the book.

All in all, when it comes to password security, unless you use the same password everywhere, you should never be bothered by how somebody secures your password.
I do, however, recommend that you consider how they secure passwords and try to use what they make available to you.

Anything is hackable from some point. Even if the code is secure, that doesn't mean the computer running it is, or the software that computer is running, or you (depending on the IT skills, you'll probably be the easiest way to get your password, through a practice known as "social engineering").
So, truth be told, if somebody REALLY wanted to get your password, they could, no doubt about it. Whether they hack a computer system or hack your brain. But I can tell you from my training in this field, your password is not going to be brute-forced at TPPC.
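
The character rule quoted in the first post can be put into numbers. The following is an added example, not part of the thread and not the site's code: it assumes "alphanumeric" means ASCII letters and digits (65 allowed symbols in total), takes the 95 printable ASCII characters as the unrestricted baseline, and uses a constructed sample password. It reports which characters the rule rejects and how much extra length makes up for the smaller alphabet.

```python
import math
import string

# Rule quoted in the thread: alphanumerics, dashes, underscores and spaces.
# Assumption: "alphanumeric" means ASCII letters and digits only.
ALLOWED = set(string.ascii_letters + string.digits + "-_ ")
RESTRICTED_SIZE = len(ALLOWED)   # 65 symbols
PRINTABLE_SIZE = 95              # printable ASCII incl. space (assumed baseline)


def rejected_chars(password):
    """Distinct characters of `password` that the quoted rule would reject."""
    return sorted(set(password) - ALLOWED)


def keyspace_bits(alphabet_size, length):
    """Entropy upper bound in bits; only reached by uniformly random passwords."""
    return length * math.log2(alphabet_size)


def equivalent_length(length, from_size=PRINTABLE_SIZE, to_size=RESTRICTED_SIZE):
    """Shortest length over `to_size` symbols whose keyspace is at least that
    of `length` symbols over `from_size`. Integer math avoids float rounding."""
    target = from_size ** length
    n = 0
    while to_size ** n < target:
        n += 1
    return n


if __name__ == "__main__":
    sample = "ex4mple!P#ss@wd"   # constructed sample, 15 characters
    print("rejected by the rule:", rejected_chars(sample))
    for size in (PRINTABLE_SIZE, RESTRICTED_SIZE):
        bits = keyspace_bits(size, len(sample))
        print(f"{size}-symbol alphabet, {len(sample)} chars: {bits:.1f} bits")
    print("restricted-alphabet length for the same keyspace:",
          equivalent_length(len(sample)))
```

For a randomly generated password, the restriction costs about half a bit per character, which two extra characters recover at this length; human-chosen passwords sit well below either bound.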