ansaurus

Question

Strong password regex

Answer 1

+8 A:

Doesn't sound like a task particularly suited for Regex, since you want to test multiple conditions simultaneously. (You could use multiple regexes, but then normal C# with LINQ is a nicer way to test it.) Try the following function:

public static bool IsStrongPassword(string password)
{
    // Minimum and Maximum Length of field - 6 to 12 Characters
    if (password.Length < 6 || password.Length > 12)
        return false;

    // Special Characters - Not Allowed
    // Spaces - Not Allowed
    if (!(password.All(c => char.IsLetter(c) || char.IsNumeric(c))))  
        return false;

    // Numeric Character - At least one character
    if (!password.Any(c => char.IsNumeric(c)))
        return false;

    // At least one Capital Letter
    if (!password.Any(c => char.IsUpper(c)))
        return false;

    // Repetitive Characters - Allowed only two repetitive characters
    var repeatCount = 0;
    var lastChar = '\0';
    foreach(var c in password)
    {
        if (c == lastChar)
            repeatCount++;
        else
            repeatCount = 0;
        if (repeatCount == 2)
            return false;
        lastChar = c;
    }

    return true;
}

Make sure you import System.Linq of course, and you're set to go.

Noldorin 2010-06-28 08:47:13

Repetative characters ?

Maxim 2010-06-28 08:50:23

Maybe one could combine the above LINQ approach with a couple of regexps that test stuff that regexps are good at?

Martin Wickman 2010-06-28 09:03:09

@Maxim: Edited, that's included now. Repetitive characters is the only test I *might* do using regex, but I think the current approach is still fine.

Noldorin 2010-06-28 09:04:09

+1: This method looks more maintainable than using a single regex. IMO even breaking down the single regex into smaller ones would be a step in the right direction.

Phil 2010-06-28 10:35:42

Answer 2

+1 A:

You can search the regex library

simendsjo 2010-06-28 08:54:40

Answer 3

+4 A:

^(?=.*[A-Z])(?=.*\d)(?!.*(.)\1\1)[a-zA-Z0-9@]{6,12}$

Special Characters - Not Allowed
Spaces - Not Allowed
Minimum and Maximum Length of field - 6 to 12 Characters
Met by [a-zA-Z0-9@]{6,12}
Numeric Character - At least one character
Met by positive lookahead (?=.*\d)
At least one Capital Letter
Met by positive lookahead (?=.*[A-Z])
Repetitive Characters - Allowed only two repetitive characters
I am not sure what you mean by this. The negative lookahead (?!.*(.)\1\1) makes sure that no character is allowed to appear more than two times in a row. Substring aa is okay, aaa is not.
Make it (?!.*(.+)\1\1) to reject repeated substrings of length more than one (like ababab) or add .* before \1 to reject non-continuous repeated appearances too.

Amarghosh 2010-06-28 09:03:57

Repetitive Characters - i mean: allowed paassword, and not allowed paaassword or passsword. What i need to do in this case?

Maxim 2010-06-28 09:13:48

I still insist my code is much more readable/maintainable! Bah, regex for everyting and anything.

Noldorin 2010-06-28 09:25:14

@Maxim It seems my understanding was correct. The given regex should do it.

Amarghosh 2010-06-28 09:29:33

@Noldorin I kind of agree with you. Regexes and kids are alike - understanding/maintaining someone else's stuff can be a headache. That said, regex is compact and its fun to write them :)

Amarghosh 2010-06-28 09:32:52

@Amarghosh: Fun to write indeed, just not to read heh. Thus the downfall of Perl...

Noldorin 2010-06-28 10:34:30

@Noldorin OP asked for regex, and he got one. If you ask me if I'd use (or be allowed to use) this regex in the production code with many people working on it...

Amarghosh 2010-06-28 10:38:15

No no, I don't blame you. Just taking the opportunity to have a good rant. :)

Noldorin 2010-06-28 10:49:36

@Noldorin too bad it ended so fast :)

Amarghosh 2010-06-28 11:10:19

ansaurus

tags:

views:

answers:

Strong password regex

related questions