(skeletor is leading by example by adding that unnecessary apostrophe…)

  • Yes, char(9) is the SQL string for it.

    However most modern password attributes are blocking this from SQL injections where a playfully named user “Drop Table” does not cause any harm