I want to check the strength of the password entered by user during registration. I have to make some regular expression for it. Any Insights.
A:
Why not use the PasswodStrength control in Ajax control toolkit?
PasswordStrength is an ASP.NET AJAX extender that can be attached to an ASP.NET TextBox control used for the entry of passwords. The PasswordStrength extender shows the strength of the password in the TextBox and updates itself as the user types the password. The indicator can display the strength of the password as a text message or with a progress bar indicator. ....
Shoban
2009-10-30 10:19:14
It says that "qwertyuiop" is excellent password.
Dmitriy Matveev
2009-10-30 10:21:02
@Dmitriy Matveev - can you suggest an author a way to improve it? May be, hard-code all possible simple combinations on keyboard? How many of them you need to hard-code?
FractalizeR
2009-10-30 12:24:15
A:
I'm using this (http://blog.stevenlevithan.com/archives/javascript-password-validator) script for password validation.
I've extended this script to a Extender Control:
[TargetControlType(typeof(ITextControl))]
public class PasswordValidatorExtender : ExtenderControl
{
public PasswordValidatorExtender()
{
}
public int MinPasswordLength
{
get { return (int?)ViewState["MinPasswordLength"] ?? 0; }
set { ViewState["MinPasswordLength"] = value; }
}
protected override IEnumerable<ScriptDescriptor> GetScriptDescriptors(Control targetControl)
{
ScriptControlDescriptor desc = new ScriptControlDescriptor("MyNamespace.PasswordValidator", targetControl.ClientID);
desc.AddProperty("MinPasswordLength", MinPasswordLength);
yield return desc;
}
protected override IEnumerable<ScriptReference> GetScriptReferences()
{
string url = Page.ResolveUrl("~/scripts/PasswordValidator.js");
yield return new ScriptReference(url);
}
}
/// <reference name="MicrosoftAjax.js"/>
Type.registerNamespace("MyNamespace");
MyNamespace.PasswordValidator = function(element) {
this._minPasswordLength;
this._onTextChangedHandler;
MyNamespace.PasswordValidator.initializeBase(this, [element]);
}
MyNamespace.PasswordValidator.prototype = {
initialize: function() {
MyNamespace.PasswordValidator.callBaseMethod(this, 'initialize');
var element = this.get_element();
this._onTextChangedHandler = Function.createDelegate(this, this._onTextChanged);
$addHandler(element, "change", this._onTextChangedHandler);
$addHandler(element, "keyup", this._onTextChangedHandler);
},
dispose: function() {
//Benutzerdefinierte Löschaktionen hier einfügen
MyNamespace.PasswordValidator.callBaseMethod(this, 'dispose');
},
// Properties
get_MinPasswordLength: function() {
return this._minPasswordLength;
},
set_MinPasswordLength: function(val) {
this._minPasswordLength = val;
},
// Events
_onTextChanged: function(e) {
var element = this.get_element();
var txt = e.target.value;
element.removeAttribute('style');
var style = '';
if (this.validatePassword(txt, { length: [this._minPasswordLength, Infinity], numeric: 1, special: 1, upper: 1 }))
{
style = 'PasswordValidator_Best';
}
else if (this.validatePassword(txt, { length: [this._minPasswordLength, Infinity], numeric: 1, upper: 1 }))
{
style = 'PasswordValidator_Good';
}
else
{
style = 'PasswordValidator_Weak';
}
removeCSSClass(element, 'PasswordValidator_Weak');
removeCSSClass(element, 'PasswordValidator_Good');
removeCSSClass(element, 'PasswordValidator_Best');
if(style != '')
{
Sys.UI.DomElement.addCssClass(element, style);
}
},
// http://blog.stevenlevithan.com/archives/javascript-password-validator
/*
Password Validator 0.1
(c) 2007 Steven Levithan <stevenlevithan.com>
MIT License
*/
validatePassword: function (pw, options) {
// default options (allows any password)
var o = {
lower: 0,
upper: 0,
alpha: 0, /* lower + upper */
numeric: 0,
special: 0,
length: [0, Infinity],
custom: [ /* regexes and/or functions */ ],
badWords: [],
badSequenceLength: 0,
noQwertySequences: false,
noSequential: false
};
for (var property in options)
o[property] = options[property];
var re = {
lower: /[a-z]/g,
upper: /[A-Z]/g,
alpha: /[A-Z]/gi,
numeric: /[0-9]/g,
special: /[\W_]/g
},
rule, i;
// enforce min/max length
if (pw.length < o.length[0] || pw.length > o.length[1])
return false;
// enforce lower/upper/alpha/numeric/special rules
for (rule in re) {
if ((pw.match(re[rule]) || []).length < o[rule])
return false;
}
// enforce word ban (case insensitive)
for (i = 0; i < o.badWords.length; i++) {
if (pw.toLowerCase().indexOf(o.badWords[i].toLowerCase()) > -1)
return false;
}
// enforce the no sequential, identical characters rule
if (o.noSequential && /([\S\s])\1/.test(pw))
return false;
// enforce alphanumeric/qwerty sequence ban rules
if (o.badSequenceLength) {
var lower = "abcdefghijklmnopqrstuvwxyz",
upper = lower.toUpperCase(),
numbers = "0123456789",
qwerty = "qwertyuiopasdfghjklzxcvbnm",
start = o.badSequenceLength - 1,
seq = "_" + pw.slice(0, start);
for (i = start; i < pw.length; i++) {
seq = seq.slice(1) + pw.charAt(i);
if (
lower.indexOf(seq) > -1 ||
upper.indexOf(seq) > -1 ||
numbers.indexOf(seq) > -1 ||
(o.noQwertySequences && qwerty.indexOf(seq) > -1)
) {
return false;
}
}
}
// enforce custom regex/function rules
for (i = 0; i < o.custom.length; i++) {
rule = o.custom[i];
if (rule instanceof RegExp) {
if (!rule.test(pw))
return false;
} else if (rule instanceof Function) {
if (!rule(pw))
return false;
}
}
// great success!
return true;
}
}
MyNamespace.PasswordValidator.registerClass('MyNamespace.PasswordValidator', Sys.UI.Behavior);
if (typeof(Sys) !== 'undefined') Sys.Application.notifyScriptLoaded();
Arthur
2009-10-30 10:48:07