I know that BT only accepts alphanumeric upper/lower case passwords (no 'non English' characters) but this goes against most security advice which recommends a mixture of alphanumeric and other characters in passwords (some sites even require them).

Does anyone know whether BT is even considering such a change - most  password generators use the full range and this means that they cannot readily be used for BT transactions.

Additionally BT tries to force you to use the same password for BT ID and for your main e-mail. You can break this (with effort) but it appears to be a default.

When cyber security is increasingly an issue - why is BT so far behind the times in terms of best practice? Does anyone know (distinguished sages)?