I am building a secured algorithm to get rid of obfuscation attacks. The user is validated with the token which should satisfy following condition:
username in lowercase letters only and username is at least 5 digit long.
username is followed with #.
After # first two characters are important. A digit and a character always. This part contains at least a digit, a lowercase and an upperCase Letter.
In between there could be any number of digits or letters only.
In the last the digit and character should exactly match point-3's digit and character.
It should end with #.
The characters in the middle of two # should be at least 5 characters long.
The complete token consists only of two #, lowercase and uppercase letters and digits. And
I don't know about regular expression but my guide told me this task is easily achieved at validation time by regular expressions. After I looked for long on the internet and found some links which are similar and tried to combine them and got this:
^[a-z]{5,}#[a-zA-Z0-9]{2}[A-Z][0-9A-Za-z]*[a-zA-Z0-9]{2}#$
But this only matches 1 test case. I don't know how I can achieve the middle part of two hashes. I tried to explain my problem as per my english. Please help.
Below test cases should pass
userabcd#4a39A234a#
randomuser#4A39a234A#
abcduser#2Aa39232A#
abcdxyz#1q39A231q#
randzzs#1aB1a#
Below test cases should fail:
randuser#1aaa1a#
randuser#1112#
randuser#a1a1##
randuser#1aa#
u#4a39a234a#
userstre#1qqeqe123231q$
user#1239a23$a#
useabcd#4a39a234a#12
You may try:
^[a-z]{5,}#(?=[^a-z\n]*[a-z])(?=[^A-Z\n]*[A-Z])(\d[a-zA-Z])[a-zA-Z\d]*\1#$
Explanation of the above regex:
^, $ - Represents start and end of the line respectively.
[a-z]{5,} - Matches lower case user names 5 or more times.
# - Matches # literally.
(?=[^a-z]*[a-z]) - Represents a positive look-ahead asserting at least a lowercase letters.
(?=[^A-Z]*[A-Z]) - Represents a positive look-ahead asserting at least an uppercase letters.
(\d[a-zA-Z]) - Represents a capturing group matching first 2 character i.e. a digit and a letter. If you want other way then use [a-zA-Z]\d.
[a-zA-Z\d]* - Matching zero or more of the characters in mentioned character set.
\1 - Represents back-reference exactly matching the captured group.
You can find the demo of the above regex in here.
Note: If you want to match one string at a time i.e. for practical purposes; remove \n from the character sets.
You can use this regex as an alternative.
^[a-z]{5,}#(?=.*?[a-z])(?=.*?[A-Z])(\d[a-zA-Z])[a-zA-Z\d]*\1#$
Recommended reading: Principle of contrast
Related
The question is pretty much in the title. I need to check if a string is alphanumerical only - no special characters, and that is contains at least one lowercase letter, at least one uppercase letter, at least one number.
passWORD1 validates, password2, PASSWORD3, passWORD, passWORD5*, psWD6 would not.
It is similar to Regex to check if a string contains at least A-Za-z0-9 but not an &, but does not meet all the criteria. I also could go with iterating through the criteria, but I really need a regex to feed it to validate.js module (so JS/Node), which will only throw one a single error stating all the password criteria at once)
You should try this:
"^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)[a-zA-Z\d]{8,}$"
^ Start of the string
(?=.*[a-z]) lowercase validation
(?=.*[A-Z]) uppercase validation
(?=.*\d) numbers validation
[a-zA-Z\d] characters allowed
{8,} minimum size (you can put the maximum after the comma)
$ End of the String
The regex you need fulfilling all your requirement is this,
^(?=[A-Z0-9]*[a-z])(?=[a-zA-Z]*[0-9])(?=[a-z0-9]*[A-Z])[a-zA-Z0-9]{8,}$
You basically need three positive look aheads to ensure meeting your three conditions of minimum presence of three kind of characters and finally consume the alphanumeric characters using a character set followed by quantifier as mentioned in the regex.
Explanation:
^ - Start of string
(?=[A-Z0-9]*[a-z]) - Look ahead to ensure at least one lower case alphabet
(?=[a-zA-Z]*[0-9]) - Look ahead to ensure at least one digit
(?=[a-z0-9]*[A-Z]) - Look ahead to ensure at least one upper case alphabet
[a-zA-Z0-9]{8,} - Captures eight or more alphanumeric characters
$ - Matches end of string
Regex Demo
I've run into some issues with this one and cannot find it in past questions.
Criteria:
Reject pure digits
Reject pure letters
Reject any symbols
Accept ONLY Alphanumeric combo
MUST be equal to 10 characters total
Here is what I have made and the problems with each:
^(?!^\d*$)[a-zA-Z\d]{10}$
This fails criteria #2
^[a-zA-Z0-9]{10}$
This fails criteria #1
I have tried some others that meet all criteria but fail the 10 char limit.
Any help is appreciated.
You may use a second lookahead:
^(?!\d+$)(?![a-zA-Z]+$)[a-zA-Z\d]{10}$
See the regex demo and the Regulex graph:
Details
^ - start of string
(?!\d+$) - a negative lookahead that makes sure the whole string is not composed of just digits
(?![a-zA-Z]+$) - the whole string cannot be all letters
[a-zA-Z\d]{10} - 10 letters or digits
$ - end of string.
Try this:
(?=^.{10}$)^([a-z]+\d[a-z0-9]*|\d+[a-z][a-z0-9]*)$
Demo
Explanation:
(?=^.{10}$)^([a-z]+\d[a-z0-9]*|\d+[a-z][a-z0-9]*)$
(?=^.{10}$) # there's exactly 10 characters following
^( | )$ # we match the entire string, containing either:
[a-z]+\d[a-z0-9]* # letters, followed by a number, followed by alphanumerics, or
\d+[a-z][a-z0-9]* # numbers, followed by a letter, followed by alphanumerics
Use lookahead to find at least one char of each type you require, and specify the length and char limitation in the "regular" part of your regex:
^(?=.*[a-zA-Z])(?=.*\d)[0-9a-zA-Z]{10}$
(?=.*[a-zA-Z])- Look ahead and find a letter,
(?=.*\d) - Look ahead and find a digit
[0-9a-zA-Z]{10} - exactly 10 digit/letter chars
Edit: Thanks for the advice to make my question clearer :)
The Match is looking for 3 consecutive characters:
Regex Match =AaA653219
Regex Match = AA5556219
The code is ASP.NET 4.0. Here is the whole function:
public ValidationResult ApplyValidationRules()
{
ValidationResult result = new ValidationResult();
Regex regEx = new Regex(#"^(?=.*\d)(?=.*[a-zA-Z]).{8,20}$");
bool valid = regEx.IsMatch(_Password);
if (!valid)
result.Errors.Add("Passwords must be 8-20 characters in length, contain at least one alpha character and one numeric character");
return result;
}
I've tried for over 3 hours to make this work, referencing the below with no luck =/
How can I find repeated characters with a regex in Java?
.net Regex for more than 2 consecutive letters
I have started with this for 8-20 characters a-Z 0-9 :
^(?=.*\d)(?=.*[a-zA-Z]).{8,20}$
As Regex regEx = new Regex(#"^(?=.*\d)(?=.*[a-zA-Z]).{8,20}$");
I've tried adding variations of the below with no luck:
/(.)\1{9,}/
.*([0-9A-Za-z])\\1+.*
((\\w)\\2+)+".
Any help would be much appreciated!
http://regexr.com?34vo9
The regular expression:
^(?=.{8,20}$)(([a-z0-9])\2?(?!\2))+$
The first lookahead ((?=.{8,20}$)) checks the length of your string. The second portion does your double character and validity checking by:
(
([a-z0-9]) Matching a character and storing it in a back reference.
\2? Optionally match one more EXACT COPY of that character.
(?!\2) Make sure the upcoming character is NOT the same character.
)+ Do this ad nauseum.
$ End of string.
Okay. I see you've added some additional requirements. My basic forumla still works, but we have to give you more of a step by step approach. SO:
^...$
Your whole regular expression will be dropped into start and end characters, for obvious reasons.
(?=.{n,m}$)
Length checking. Put this at the beginning of your regular expression with n as your minimum length and m as your maximum length.
(?=(?:[^REQ]*[REQ]){n,m})
Required characters. Place this at the beginning of your regular expression with REQ as your required character to require N to M of your character. YOu may drop the (?: ..){n,m} to require just one of that character.
(?:([VALID])\1?(?!\1))+
The rest of your expression. Replace VALID with your valid Characters. So, your Password Regex is:
^(?=.{8,20}$)(?=[^A-Za-z]*[A-Za-z])(?=[^0-9]*[0-9])(?:([\w\d*?!:;])\1?(?!\1))+$
'Splained:
^
(?=.{8,20}$) 8 to 20 characters
(?=[^A-Za-z]*[A-Za-z]) At least one Alpha
(?=[^0-9]*[0-9]) At least one Numeric
(?:([\w\d*?!:;])\1?(?!\1))+ Valid Characters, not repeated thrice.
$
http://regexr.com?34vol Here's the new one in action.
Tightened up matching criteria as it was too broad; for example, "not A-Za-z" matches a lot more than is intended. The previous REGEX was matching on the string "ThiIsNot". For the most part, passwords are only going to contain alphanumeric and punctation characters, so I limited the scope, which made all matches more accurate. Used character classes for human readability. Added and exclusion list, and differentiated upper and lower case letters.
^(?=.{8,20}$)(?!(?:.*[01IiLlOo]))(?=(?:[\[[:digit:]\]\[[:punct:]\]]*[\[[:alpha:]\]]){2})(?=(?:[\[[:digit:]\]\[[:punct:]\]\[[:upper:]\]]*[\[[:lower:]\]]){1})(?=(?:[\[[:digit:]\]\[[:punct:]\]\[[:lower:]\]]*[\[[:upper:]\]]){1})(?=(?:[\[[:alpha:]\]\[[:punct:]\]]*[\[[:digit:]\]]){1})(?=(?:[\[[:alnum:]\]]*[\[[:punct:]\]]){1})(?:([\[[:alnum:]\]\[[:punct:]\]])\1?(?!\1))+$
The breakdown:
^(?=.{8,20}$) - Positive lookahead that the string is between 8 and 20 chars
(?!(?:.*[01IiLlOo])) - Negative lookahead for any blacklisted chars
(?=(?:[\[[:digit:]\]\[[:punct:]\]]*[\[[:alpha:]\]]){2}) - Verify that at least 2 alpha chars exist
(?=(?:[\[[:digit:]\]\[[:punct:]\]\[[:upper:]\]]*[\[[:lower:]\]]){1}) - Verify that at least 1 lowercase alpha exists
(?=(?:[\[[:digit:]\]\[[:punct:]\]\[[:lower:]\]]*[\[[:upper:]\]]){1}) - Verify that at least 1 uppercase alpha exists
(?=(?:[\[[:alpha:]\]\[[:punct:]\]]*[\[[:digit:]\]]){1}) - Verify that at least 1 digit exists
(?=(?:[\[[:alnum:]\]]*[\[[:punct:]\]]){1}) - Verify that at least 1 special/punctuation char exists
(?:([\[[:alnum:]\]\[[:punct:]\]])\1?(?!\1))+$ - Verify that no char is repeated more than twice in a row
I'm trying to make a regex for allowing only strong passwords, strong in this case being defined as:
Must start with a letter (either uppercase or lowercase)
Must have at least 8 and up to 12 characters
Must have at least one uppercase letter
Must have at least three lowercase letters
Must have at least two numbers
Must have at least two special characters
Maximum number of identical consecutive characters is three
Now, last one is giving me trouble. How do I count consecutive characters?
For example, FOOfoo!?123 should work, but FOOOfoo!?12 should not (because or three esses).
What I've got so far:
^[A-Za-z]{1}(?=.*[A-Z]{1,})(?=.*[a-z]{3,})(?=.*[0-9]{2,})(?=.*[!?#*#&$]{2,}).{8,12}$
One more thing: something is amiss, because my regex above claims strings like FooFoo!?123 are invalid. I think it's because it only checks for one or more uppercase letters or three or more lowercase letters or numbers or specials, but I don't want that, I want that is the password contains three lowercase letters in total, it should be valid. How do I do that?
When you have so many conditions, it might be a good idea - provided your environment allows that - to split the regex and check each condition separately.
If you cannot do that, here is a free-spacing version of the fixed regex:
^ # start of string
(?=[^A-Z]*[A-Z]) # At least 1 uppercase ASCII letter
(?=(?:[^a-z]*[a-z]){3}) # at least 3 lowercase ASCII letters
(?=(?:[^0-9]*[0-9]){2}) # at least 2 ASCII digits
(?=(?:[^!?#*#&$]*[!?#*#&$]){2}) # at least 2 special symbols
(?!.*(.)\1{2}) # No 3 consecutive characters
[A-Za-z] # An ASCII letter
.{7,11} # 7 to 11 any characters but newline
$ # end of string
As a one-liner:
^(?=[^A-Z]*[A-Z])(?=(?:[^a-z]*[a-z]){3})(?=(?:[^0-9]*[0-9]){2})(?=(?:[^!?#*#&$]*[!?#*#&$]){2})(?!.*(.)\1{2})[A-Za-z].{7,11}$
See the regex demo
Notes:
Must have at least three lowercase letters and similar conditions are implemented using the principle of contrast, i.e. before [a-z], we may have 0+ opposite chars matched with [^a-z].
To match the 3 letters globally, not consecutively, we need to use a limiting quantifier on the grouping, not on the character class, thus, [a-z]{3,} (=consecutive 3 or more lowercase letters) is turned into (?:[^a-z]*[a-z]){3} (=3 sequences of non-lowercase letters followed with 1 lowercase letter).
The condition you needed is (?!.*(.)\1{2}) - a negative lookahead ((?!...)) that checks for the presence of any character captured with (.) that is repeated twice after it with the \1 backreference and {2} limiting quantifier set on the backreference. And .* means that the repeated characters may appear anywhere in the string.
Edit: Thanks for the advice to make my question clearer :)
The Match is looking for 3 consecutive characters:
Regex Match =AaA653219
Regex Match = AA5556219
The code is ASP.NET 4.0. Here is the whole function:
public ValidationResult ApplyValidationRules()
{
ValidationResult result = new ValidationResult();
Regex regEx = new Regex(#"^(?=.*\d)(?=.*[a-zA-Z]).{8,20}$");
bool valid = regEx.IsMatch(_Password);
if (!valid)
result.Errors.Add("Passwords must be 8-20 characters in length, contain at least one alpha character and one numeric character");
return result;
}
I've tried for over 3 hours to make this work, referencing the below with no luck =/
How can I find repeated characters with a regex in Java?
.net Regex for more than 2 consecutive letters
I have started with this for 8-20 characters a-Z 0-9 :
^(?=.*\d)(?=.*[a-zA-Z]).{8,20}$
As Regex regEx = new Regex(#"^(?=.*\d)(?=.*[a-zA-Z]).{8,20}$");
I've tried adding variations of the below with no luck:
/(.)\1{9,}/
.*([0-9A-Za-z])\\1+.*
((\\w)\\2+)+".
Any help would be much appreciated!
http://regexr.com?34vo9
The regular expression:
^(?=.{8,20}$)(([a-z0-9])\2?(?!\2))+$
The first lookahead ((?=.{8,20}$)) checks the length of your string. The second portion does your double character and validity checking by:
(
([a-z0-9]) Matching a character and storing it in a back reference.
\2? Optionally match one more EXACT COPY of that character.
(?!\2) Make sure the upcoming character is NOT the same character.
)+ Do this ad nauseum.
$ End of string.
Okay. I see you've added some additional requirements. My basic forumla still works, but we have to give you more of a step by step approach. SO:
^...$
Your whole regular expression will be dropped into start and end characters, for obvious reasons.
(?=.{n,m}$)
Length checking. Put this at the beginning of your regular expression with n as your minimum length and m as your maximum length.
(?=(?:[^REQ]*[REQ]){n,m})
Required characters. Place this at the beginning of your regular expression with REQ as your required character to require N to M of your character. YOu may drop the (?: ..){n,m} to require just one of that character.
(?:([VALID])\1?(?!\1))+
The rest of your expression. Replace VALID with your valid Characters. So, your Password Regex is:
^(?=.{8,20}$)(?=[^A-Za-z]*[A-Za-z])(?=[^0-9]*[0-9])(?:([\w\d*?!:;])\1?(?!\1))+$
'Splained:
^
(?=.{8,20}$) 8 to 20 characters
(?=[^A-Za-z]*[A-Za-z]) At least one Alpha
(?=[^0-9]*[0-9]) At least one Numeric
(?:([\w\d*?!:;])\1?(?!\1))+ Valid Characters, not repeated thrice.
$
http://regexr.com?34vol Here's the new one in action.
Tightened up matching criteria as it was too broad; for example, "not A-Za-z" matches a lot more than is intended. The previous REGEX was matching on the string "ThiIsNot". For the most part, passwords are only going to contain alphanumeric and punctation characters, so I limited the scope, which made all matches more accurate. Used character classes for human readability. Added and exclusion list, and differentiated upper and lower case letters.
^(?=.{8,20}$)(?!(?:.*[01IiLlOo]))(?=(?:[\[[:digit:]\]\[[:punct:]\]]*[\[[:alpha:]\]]){2})(?=(?:[\[[:digit:]\]\[[:punct:]\]\[[:upper:]\]]*[\[[:lower:]\]]){1})(?=(?:[\[[:digit:]\]\[[:punct:]\]\[[:lower:]\]]*[\[[:upper:]\]]){1})(?=(?:[\[[:alpha:]\]\[[:punct:]\]]*[\[[:digit:]\]]){1})(?=(?:[\[[:alnum:]\]]*[\[[:punct:]\]]){1})(?:([\[[:alnum:]\]\[[:punct:]\]])\1?(?!\1))+$
The breakdown:
^(?=.{8,20}$) - Positive lookahead that the string is between 8 and 20 chars
(?!(?:.*[01IiLlOo])) - Negative lookahead for any blacklisted chars
(?=(?:[\[[:digit:]\]\[[:punct:]\]]*[\[[:alpha:]\]]){2}) - Verify that at least 2 alpha chars exist
(?=(?:[\[[:digit:]\]\[[:punct:]\]\[[:upper:]\]]*[\[[:lower:]\]]){1}) - Verify that at least 1 lowercase alpha exists
(?=(?:[\[[:digit:]\]\[[:punct:]\]\[[:lower:]\]]*[\[[:upper:]\]]){1}) - Verify that at least 1 uppercase alpha exists
(?=(?:[\[[:alpha:]\]\[[:punct:]\]]*[\[[:digit:]\]]){1}) - Verify that at least 1 digit exists
(?=(?:[\[[:alnum:]\]]*[\[[:punct:]\]]){1}) - Verify that at least 1 special/punctuation char exists
(?:([\[[:alnum:]\]\[[:punct:]\]])\1?(?!\1))+$ - Verify that no char is repeated more than twice in a row