To address the Perl question first, once you determine what characters are allowable in passwords, just use an inverted character class to determine if any unacceptable characters are supplied. To invert a character class, add a caret to the front of it. For example,

# Just add any other valid characters after the \w
if($password =~ /[^\w]/) {
  # invalid character supplied
}
[download]

As for what characters to allow...are you asking about password strength for heightening security? I'm not aware if there's an industry standard, but I've often seen password schemes that require picking at least 3 different characters classes (where the four classes are often uppercase, lowercase, punctuation and numbers).