The question that should be asked is, "What's a 'Special Character' and why shouldn't it be allowed in a password?"
I had this argument with a developer the other day.
Any character that cannot be hashes or escaped before sending it to the storage backend. (Which, agreed, on a modern platform are none.)
When I started web programming in 1995 some sites had little more than CSV files for storing data. Input filtering then suddenly makes a lot of sense, especially because handy utility methods for hashing and escaping weren't as widely available in all languages as they are now. Any developer still opting for such requirements is obviously an old-timer who hasn't updated his or her skills, or was trained by one.