Regex for Password Validation
217 views
Skip to first unread message
kishorpatel415
Jun 30, 2012, 11:36:34 AM6/30/12
to Regex
Hi,
I need to validate a password using a regex. The password rules are as
follows:
at least 10 characters
at least one lowercase letter
at least one uppercase letter
at least one number
at least one symbol @#$%=:?
Can anyone provide me a regex that would handle this? Thanks in
advance.
I need to validate a password using a regex. The password rules are as
follows:
at least 10 characters
at least one lowercase letter
at least one uppercase letter
at least one number
at least one symbol @#$%=:?
Can anyone provide me a regex that would handle this? Thanks in
advance.
Ross Presser
Jul 3, 2012, 5:14:56 PM7/3/12
to re...@googlegroups.com
Doing it with a single regex is going to be complicated, if it's possible at all.
Doing it with one regex for each rule would be simple.
Doing it with a for loop over the characters would be most straightforward.
Honestly, a regex is not the right tool for this, IMHO.
Staffan Nöteberg
Jul 3, 2012, 5:32:39 PM7/3/12
to re...@googlegroups.com
As always, it depends on what regex engine you use. In PHP, Java, C#, Perl
and some others, it would look like this:
(?=.*\p{Ll})(?=.*\p{Lu})(?=.*\d)(?=.*[@#$%=:?]).{10,}
Best // Staffan Nöteberg
---
http://twitter.com/staffannoteberg
--
Sub, Unsub, Read-on-the-web, tune your personal settings for this Regex
forum:
http://groups.google.com/group/regex?hl=en
and some others, it would look like this:
(?=.*\p{Ll})(?=.*\p{Lu})(?=.*\d)(?=.*[@#$%=:?]).{10,}
Best // Staffan Nöteberg
---
http://twitter.com/staffannoteberg
Sub, Unsub, Read-on-the-web, tune your personal settings for this Regex
forum:
http://groups.google.com/group/regex?hl=en
Jim Michaels
Jul 3, 2012, 8:05:02 PM7/3/12
to re...@googlegroups.com
it's not a regex, but I have a javascript function which both generates and validates passwords. part of the code is a while loop which checks that it contains the proper number of required characters.
you can view source at http://pwdgen-jm.sf.net
you can easily change the character sets to your liking.
a regex is not going to be random enough for you and still meet your requirements for mixture of characters. doing something like this requires a program.
the validator I have is very ignorant. it doesn't check the order/randomness of the characters, only that the proper number of characters
exist in the string.
function ValidatePass(
isLowers, isUppers, isPuncts, isDigits,
minLowers, minUppers, minPuncts, minDigits,
pwdLength,
password
) {
var passcharsLowers="abcdefghijkmnopqrstuvwxyz";//removed lowercase l because it's eimilar to number 1 and capital I
var passcharsUppers="ABCDEFGHJKLMNPQRSTUVWXYZ";//removed capital O because it's similar to number 0
var passcharsPuncts="~!@#$%^&*()_-=+[{]}\\|;:/?.,";//questionable: '"`.,(){}<> because they are hard to discern on a screen and some web apps don't like 'em.
var passcharsDigits="23456789";//removed 0 and 1 because they are similar to capitals O and I and lowercase l
//finished processing arguments. now look at them for sensibility.
var sum=minDigits+minPuncts+minUppers+minLowers;
if (sum > pwdLength) {
pwdLength=sum;
}
if (password.length != pwdLength) {
return false;
}
if ((!isLowers) && (!isUppers) && (!isDigits) && (!isPuncts)) {
//this would cause a forever loop.
return false;//return a blank password
}
//if (!isPuncts && !isDigits &&!isLowers &!isUppers) {
// alert("pwdgen ERROR: you disabled all output. try something else.\n");
// return false;
//}
var i,
dpos,
upos,
lpos,
ppos;
var
pwdCount=0,
countLowers=0,
countUppers=0,
countPuncts=0,
countDigits=0;
//pwdCount=0;
for (i=0; i < password.length; i++) {
ppos=passcharsPuncts.indexOf(password.charAt(i),0);
lpos=passcharsLowers.indexOf(password.charAt(i),0);
upos=passcharsUppers.indexOf(password.charAt(i),0);
dpos=passcharsDigits.indexOf(password.charAt(i),0);
if (-1!=ppos && isPuncts) {countPuncts++;}
if (-1!=lpos && isLowers) {countLowers++;}
if (-1!=upos && isUppers) {countUppers++;}
if (-1!=dpos && isDigits) {countDigits++;}
}
//most sites require passwords with at least 2 digits. 12 characters make a good password. especially if it contains punctuation.
//don't mess with the logic of this if statement! it was hard to craft!
if (
(isPuncts && countPuncts < minPuncts) ||
(isDigits && countDigits < minDigits) ||
(isLowers && countLowers < minLowers) ||
(isUppers && countUppers < minUppers)
) {
return false;
} else {
return true;
}
}
-------------
Jim Michaels
Jmic...@yahoo.com
Ji...@RenewalComputerServices.com
http://RenewalComputerServices.com
http://JesusnJim.com (my personal site, has software)
---
IEC Units: Computer RAM & SSD measurements, microsoft disk size measurements (note: they will say GB or MB or KB or TB when it is IEC Units!):
Jim Michaels
Jmic...@yahoo.com
Ji...@RenewalComputerServices.com
http://RenewalComputerServices.com
http://JesusnJim.com (my personal site, has software)
---
IEC Units: Computer RAM & SSD measurements, microsoft disk size measurements (note: they will say GB or MB or KB or TB when it is IEC Units!):
[KiB] [MiB] [GiB] [TiB]
[2^10B=1,024^1B=1KiB]
[2^20B=1,024^2B=1,048,576B=1MiB]
[2^30B=1,024^3B=1,073,741,824B=1GiB]
[2^40B=1,024^4B=1,099,511,627,776B=1TiB]
[2^50B=1,024^5B=1,125,899,906,842,624B=1PiB]
SI Units: Hard disk industry disk size measurements:
[2^20B=1,024^2B=1,048,576B=1MiB]
[2^30B=1,024^3B=1,073,741,824B=1GiB]
[2^40B=1,024^4B=1,099,511,627,776B=1TiB]
[2^50B=1,024^5B=1,125,899,906,842,624B=1PiB]
SI Units: Hard disk industry disk size measurements:
[KB] [MB] [GB] [TB]
[10^3B=1,000B=1KB]
[10^6B=1,000,000B=1MB]
[10^9B=1,000,000,000B=1GB]
[10^12B=1,000,000,000,000B=1TB]
[10^15B=1,000,000,000,000,000B=1PB]
[10^3B=1,000B=1KB]
[10^6B=1,000,000B=1MB]
[10^9B=1,000,000,000B=1GB]
[10^12B=1,000,000,000,000B=1TB]
[10^15B=1,000,000,000,000,000B=1PB]
From: Staffan Nöteberg <staffan....@rekursiv.se>
To: re...@googlegroups.com
Sent: Tuesday, July 3, 2012 2:32 PM
Subject: RE: [REGEX] Re: Regex for Password Validation
Reply all
Reply to author
Forward
0 new messages