
Stripping characters reduces length, so you are making passwords less secure by your own criteria.

As for the scenario I described, I experienced it myself in a system that silently stripped spaces from any position in the verification process, storing a different password than the one I typed in, without any warning. My password wouldn't work in the login and I figured it out by examining the password verification code.

I don't understand why it's controversial to simply accept and store a user's password verbatim. Any other approach risks introducing new security issues, from reduced entropy to password clashes. Misguided policy decisions are famous for weakening encryption schemes, like that of the Enigma machine in WWII.
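
An added illustration of the mismatch described in the comment above (not part of the original comment, and not the code of the system it mentions). It assumes registration strips spaces before hashing while login hashes the typed string as-is; the function names, PBKDF2 parameters and sample password are constructed for the example.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # constructed value for this demo


def _hash(password: str, salt: bytes) -> bytes:
    """Derive a salted PBKDF2-HMAC-SHA256 hash of the password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def register_stripping(password: str):
    """Flawed registration (assumed behaviour): silently drops spaces before hashing."""
    salt = os.urandom(16)
    return salt, _hash(password.replace(" ", ""), salt)


def register_verbatim(password: str):
    """Registration that stores a hash of exactly what the user typed."""
    salt = os.urandom(16)
    return salt, _hash(password, salt)


def verify(password: str, record) -> bool:
    """Login path: hashes the typed string unchanged and compares in constant time."""
    salt, stored = record
    return hmac.compare_digest(_hash(password, salt), stored)


def demo() -> dict:
    typed = "correct horse battery staple"   # constructed sample password
    collapsed = "correcthorsebatterystaple"  # a different string the user never chose
    flawed = register_stripping(typed)
    sound = register_verbatim(typed)
    return {
        "flawed_accepts_typed": verify(typed, flawed),         # user is locked out
        "flawed_accepts_collapsed": verify(collapsed, flawed), # distinct password clashes
        "verbatim_accepts_typed": verify(typed, sound),
        "verbatim_accepts_collapsed": verify(collapsed, sound),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```
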


