Proposing this as a fix -- https://github.com/ansible/ansible/pull/13257/files
@bcoca @jimi-c @abadger comments?

I can confirm this pull request would solve the issue for me.
Also the failing password would not be printed on the command line, like it was before the fix. I see this as a critical security issue, as others could get a look at the 'rejected' password on the screen.
thanx @chrrrles

@ThomasSteinbach / @chrrrles I'm ok with the patch above, with the one caveat that it should be using to_unicode() from ansible.utils.unicode instead of the try/except method (which is how we typically used to deal with this kind of issue).

@chrrrles Could we please re-open this issue, as recent changes reverted the error? Even with to_unicode() Ansible fails with parsing a password like k§=aI$nt. There is just a new error:

UnicodeEncodeError: 'ascii' codec can't encode character u'\xa7' in position 1: ordinal not in range(128)

The working implementation for me is

if attribute.isa == 'string':
  try:
    value = to_unicode(value)
  except UnicodeDecodeError:
    value = binary_type(value)

However @jimi-c , you said that the try/except way is not the best. Did you know a working alternative? What does it mean to use binary_type for every string?

@ThomasSteinbach Could you give me the full traceback?

The code you're showing me as fixing this is definitely incorrect as it translates the value into either a text type (unicode) or a bytes type (str) depending on whether a UnicodeDecodeError (which should never happen with the default params to to_unicode()).

@ThomasSteinbach reproduced... looking further.

Okay, that should fix this issue. Pushed to both devel and the stable-2.0 branch.

Thank you @abadger , I couldn't reproduce the issue on my working machine, which confuses me a lot. I planned to check it again at home on my laptop, where issue arose. However you have fixed the issue. Great.