---
title: Fix login error with special characters in password
status: ready
labels:
  - bug
  - security
  - critical
assignees:
  - backend-dev
milestone: v1.0.1
project: Bug Fixes
parent: 123
---

# Login Error with Special Characters in Password

## Bug Description

Users are unable to log in when their password contains certain special characters (specifically `#`, `&`, and `%`). The login form submits successfully but returns a 400 error.

## Steps to Reproduce

1. Create a user account with a password containing one of the special characters: `#`, `&`, or `%`
2. Log out of the account
3. Attempt to log in with the correct credentials
4. Observe the error message and failed login

## Expected Behavior

Login should succeed with the correct credentials regardless of special characters in the password.

## Actual Behavior

When submitting the login form with credentials containing special characters, the request fails with a 400 Bad Request error. The following error appears in the console:

```
POST https://api.example.com/auth/login 400 (Bad Request)
Error: {"error":"Invalid request parameters"}
```

## Environment

- **Browser**: Chrome 98.0.4758.102, Firefox 97.0.1
- **OS**: Windows 10, macOS Monterey 12.2.1
- **Backend Version**: v1.2.3

## Technical Analysis

Initial investigation suggests that the password is not being properly URL-encoded before being sent to the backend, causing the server to reject the request.

## Possible Fix

Add proper URL encoding to the login form submission or update the backend to handle special characters in the request payload correctly.

## Severity

Critical - Affects user authentication and prevents access to the application.