Why not just take the users input for password, and then just generating from perl an md5 digest or similar? That way, regardless of what they type in, (which can contain many special characters as they like), you will be sending the database alphanumeric characters only (if you choose the hex digest option).

----
Zak