Comment by nkrisc
9 hours ago
You can but you have to tie it to actual devices and a point in time, not simply a specific OS version. Essentially, all devices that existed before the change must still support the old set of characters and devices produced (or sold or activated) afterwards can support the reduced set.
Or wait until a future OS version that will not support any device currently in existence.
This fails if they let you keep your password migrating between devices, though, so you probably need a version somewhere in the middle that flags it as an issue and flags it as not allowing migration without changing the passphrase.
Yeah, they could force a password update at some point to ensure passwords meet the new requirements.
You need to not just force the update, but also forbid using pre-updated ones in migration, since someone might conceivably have an off-for-many-years device they wake up and want to migrate.
The long tail of stupid edge cases is very long indeed.