Just thought I'd let y'all know that passwords can be set that contain a backslash (\) character, but it isn't possible to log in with such a password. Furthermore, you can't change a password through the password page with such a password since you need to enter the old password which will always be rejected.
Thankfully, recovery is easy enough by using the "lost password" page, but this is pretty bad UI. Also bad UI: passwords are limited to 32 characters, but nothing in the UI says that until you've submitted a password longer than that.