Yeah, multiple languages or even putting an ê or something in an English password to mix things up. It makes perfect sense to allow.

It’s a good thing they require each codepoint to be treated as one character for the length limit, since “🤔🤣” is 8 bytes on its own, but the unicode prefix is trivial to guess.