I suggest don't fork the code.
You can set a regular expression in Site Settings to control password allowed characters and you can set a regex expression in user.config to control user names
<add key="UserNameValidationExpression" value="" />
as long as you have different regex rules for passwords vs user names then they cannot be the same.