diff --git a/chat/command.go b/chat/command.go
index fcd5d05..eb085c9 100644
--- a/chat/command.go
+++ b/chat/command.go
@@ -151,8 +151,7 @@ func InitCommands(c *Commands) {
 			}
 
 			oldId := member.Id()
-			member.SetId(args[0])
-
+			member.SetId(SanitizeName(args[0]))
 			err := room.Rename(oldId, member)
 			if err != nil {
 				member.SetId(oldId)
diff --git a/chat/room.go b/chat/room.go
index 041fe9e..7d1b3af 100644
--- a/chat/room.go
+++ b/chat/room.go
@@ -14,6 +14,10 @@ const roomBuffer = 10
 // closed.
 var ErrRoomClosed = errors.New("room closed")
 
+// The error returned when a user attempts to join with an invalid name, such
+// as empty string.
+var ErrInvalidName = errors.New("invalid name")
+
 // Member is a User with per-Room metadata attached to it.
 type Member struct {
 	*User
@@ -128,6 +132,9 @@ func (r *Room) Join(u *User) (*Member, error) {
 	if r.closed {
 		return nil, ErrRoomClosed
 	}
+	if u.Id() == "" {
+		return nil, ErrInvalidName
+	}
 	member := Member{u, false}
 	err := r.members.Add(&member)
 	if err != nil {
@@ -152,6 +159,9 @@ func (r *Room) Leave(u *User) error {
 
 // Rename member with a new identity. This will not call rename on the member.
 func (r *Room) Rename(oldId string, identity Identifier) error {
+	if identity.Id() == "" {
+		return ErrInvalidName
+	}
 	err := r.members.Replace(oldId, identity)
 	if err != nil {
 		return err
diff --git a/chat/sanitize.go b/chat/sanitize.go
new file mode 100644
index 0000000..8b162cd
--- /dev/null
+++ b/chat/sanitize.go
@@ -0,0 +1,17 @@
+package chat
+
+import "regexp"
+
+var reStripName = regexp.MustCompile("[^\\w.-]")
+
+// SanitizeName returns a name with only allowed characters.
+func SanitizeName(s string) string {
+	return reStripName.ReplaceAllString(s, "")
+}
+
+var reStripData = regexp.MustCompile("[^[:ascii:]]")
+
+// SanitizeData returns a string with only allowed characters for client-provided metadata inputs.
+func SanitizeData(s string) string {
+	return reStripData.ReplaceAllString(s, "")
+}
diff --git a/host.go b/host.go
index d099772..e8226f2 100644
--- a/host.go
+++ b/host.go
@@ -87,7 +87,7 @@ func (h *Host) Connect(term *sshd.Terminal) {
 	}
 
 	member, err := h.Join(user)
-	if err == chat.ErrIdTaken {
+	if err != nil {
 		// Try again...
 		id.SetName(fmt.Sprintf("Guest%d", h.count))
 		member, err = h.Join(user)
diff --git a/identity.go b/identity.go
index c41d382..bfd46fa 100644
--- a/identity.go
+++ b/identity.go
@@ -18,7 +18,7 @@ type Identity struct {
 func NewIdentity(conn sshd.Connection) *Identity {
 	return &Identity{
 		Connection: conn,
-		id:         conn.Name(),
+		id:         chat.SanitizeName(conn.Name()),
 	}
 }