Drupal Association members fund grants that make connections all over the world.
We have had complaints from security conscious users that LoginToboggan prevents users changing passwords to use spaces.
Using non-alphanumeric characters is encouraged for increased security, and I'm not aware of any issues that would arise from spaces being used.
Can someone explain why LoginToboggan does this? I'd just comment out the relevant line, but I want to check first if LoginToboggan has a specific need for there to be no spaces in passwords. I suspect it was just a feature request that's been added without being made configurable.
Happy to supply a patch to make this site-configurable, if that's what it takes.