RegEx - Password Strength - regex

I'm trying to make a regex for allowing only strong passwords, strong in this case being defined as:
Must start with a letter (either uppercase or lowercase)
Must have at least 8 and up to 12 characters
Must have at least one uppercase letter
Must have at least three lowercase letters
Must have at least two numbers
Must have at least two special characters
Maximum number of identical consecutive characters is three
Now, last one is giving me trouble. How do I count consecutive characters?
For example, FOOfoo!?123 should work, but FOOOfoo!?12 should not (because of three esses).
What I've got so far:
^[A-Za-z]{1}(?=.*[A-Z]{1,})(?=.*[a-z]{3,})(?=.*[0-9]{2,})(?=.*[!?#*#&$]{2,}).{8,12}$
One more thing: something is amiss, because my regex above claims strings like FooFoo!?123 are invalid. I think it's because it only checks for one or more uppercase letters or three or more lowercase letters or numbers or specials, but I don't want that; I want that if the password contains three lowercase letters in total, it should be valid. How do I do that?

When you have so many conditions, it might be a good idea - provided your environment allows that - to split the regex and check each condition separately.
If you cannot do that, here is a free-spacing version of the fixed regex:
^ # start of string
(?=[^A-Z]*[A-Z]) # At least 1 uppercase ASCII letter
(?=(?:[^a-z]*[a-z]){3}) # at least 3 lowercase ASCII letters
(?=(?:[^0-9]*[0-9]){2}) # at least 2 ASCII digits
(?=(?:[^!?#*#&$]*[!?#*#&$]){2}) # at least 2 special symbols
(?!.*(.)\1{2}) # No 3 consecutive characters
[A-Za-z] # An ASCII letter
.{7,11} # 7 to 11 any characters but newline
$ # end of string
As a one-liner:
^(?=[^A-Z]*[A-Z])(?=(?:[^a-z]*[a-z]){3})(?=(?:[^0-9]*[0-9]){2})(?=(?:[^!?#*#&$]*[!?#*#&$]){2})(?!.*(.)\1{2})[A-Za-z].{7,11}$
See the regex demo
Notes:
Must have at least three lowercase letters and similar conditions are implemented using the principle of contrast, i.e. before [a-z], we may have 0+ opposite chars matched with [^a-z].
To match the 3 letters globally, not consecutively, we need to use a limiting quantifier on the grouping, not on the character class, thus, [a-z]{3,} (=consecutive 3 or more lowercase letters) is turned into (?:[^a-z]*[a-z]){3} (=3 sequences of non-lowercase letters followed with 1 lowercase letter).
The condition you needed is (?!.*(.)\1{2}) - a negative lookahead ((?!...)) that checks for the presence of any character captured with (.) that is repeated twice after it with the \1 backreference and {2} limiting quantifier set on the backreference. And .* means that the repeated characters may appear anywhere in the string.
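The answer's first suggestion, checking each condition separately, worked through in Python as an added example (not code from the question or the answer). The rule messages and the names `RULES`, `count` and `failed_rules` are assumptions of this example; the two compiled patterns are copied from the page so the per-rule result can be compared with them.

```python
import re

# One-liner from the answer, copied verbatim.
ONE_LINER = re.compile(
    r"^(?=[^A-Z]*[A-Z])(?=(?:[^a-z]*[a-z]){3})(?=(?:[^0-9]*[0-9]){2})"
    r"(?=(?:[^!?#*#&$]*[!?#*#&$]){2})(?!.*(.)\1{2})[A-Za-z].{7,11}$"
)
# The asker's attempt, copied verbatim: {3,} on the class demands 3 in a row.
ASKER_ATTEMPT = re.compile(
    r"^[A-Za-z]{1}(?=.*[A-Z]{1,})(?=.*[a-z]{3,})(?=.*[0-9]{2,})"
    r"(?=.*[!?#*#&$]{2,}).{8,12}$"
)


def count(char_class, text):
    """Number of characters in text that belong to the given regex class."""
    return len(re.findall(char_class, text))


# One (message, predicate) pair per condition; the messages are this example's wording.
RULES = [
    ("must start with a letter", lambda p: re.match(r"[A-Za-z]", p) is not None),
    ("must be 8 to 12 characters long", lambda p: 8 <= len(p) <= 12),
    ("needs at least 1 uppercase letter", lambda p: count(r"[A-Z]", p) >= 1),
    ("needs at least 3 lowercase letters", lambda p: count(r"[a-z]", p) >= 3),
    ("needs at least 2 digits", lambda p: count(r"[0-9]", p) >= 2),
    ("needs at least 2 of !?#*&$", lambda p: count(r"[!?#*&$]", p) >= 2),
    ("no character 3 times in a row", lambda p: re.search(r"(.)\1{2}", p) is None),
]


def failed_rules(password):
    """Return the message of every broken rule; an empty list means valid."""
    return [message for message, ok in RULES if not ok(password)]


if __name__ == "__main__":
    # The three strings quoted in the question, plus two constructed inputs.
    for pw in ["FOOfoo!?123", "FooFoo!?123", "FOOOfoo!?12", "1Abcdef!?12", "Abc1!"]:
        print(f"{pw!r}: one-liner={bool(ONE_LINER.match(pw))} "
              f"asker={bool(ASKER_ATTEMPT.match(pw))} failed={failed_rules(pw)}")
```

Unlike a single pattern, the list returned by `failed_rules` tells the user which conditions to fix.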

Related

Matching consecutive characters with password limitation

Hello guys I'm trying to match the following regex:
Minimum characters: 8
Maximum characters: 22
Minimum uppercase letters: 1
Minimum lowercase letters: 1
Minimum digits: 2
Special characters are allowed
First character must be a letter
Maximum consecutive identical characters: 2
I've managed to complete every condition but the consecutive ones with:
(?=^.{8,22}$)(?=(.*\d){2})(?=(.*[A-Z]))^[a-zA-Z].*$
Following the post RegEx No more than 2 identical consecutive characters and a-Z and 0-9 I've seen that the way of not matching exact characters is:
((.)\2?(?!\2))+
But I'm unable to mix them both and have the full matching result. The tries are being done here: https://regex101.com/r/94KaXO/1/ where the first string should match but not the second one.
Thanks in advance.
You can use
^(?=.{8,22}$)(?!.*(.)\1{2})(?=(?:\D*\d){2})(?=[^A-Z]*[A-Z])(?=[^a-z]*[a-z])[a-zA-Z].*$
See the regex demo.
Details:
^ - start of string
(?=.{8,22}$) - 8 to 22 chars other than line break chars are allowed in the string
(?!.*(.)\1{2}) - no 3 consecutive identical chars allowed anywhere after zero or more chars other than line break chars as many as possible
(?=(?:\D*\d){2}) - there must be at least 2 not necessarily consecutive digits in the string
(?=[^A-Z]*[A-Z]) - there must be at least one uppercase letter in the string
(?=[^a-z]*[a-z]) - there must be at least one lowercase letter in the string
[a-zA-Z] - a letter
.* - zero or more chars other than line break chars, as many as possible
$ - end of string.

Validating an obfuscation token

I am building a secured algorithm to get rid of obfuscation attacks. The user is validated with the token which should satisfy following condition:
username in lowercase letters only and username is at least 5 digit long.
username is followed with #.
After # first two characters are important. A digit and a character always. This part contains at least a digit, a lowercase and an upperCase Letter.
In between there could be any number of digits or letters only.
In the last the digit and character should exactly match point-3's digit and character.
It should end with #.
The characters in the middle of two # should be at least 5 characters long.
The complete token consists only of two #, lowercase and uppercase letters and digits. And
I don't know about regular expression but my guide told me this task is easily achieved at validation time by regular expressions. After I looked for long on the internet and found some links which are similar and tried to combine them and got this:
^[a-z]{5,}#[a-zA-Z0-9]{2}[A-Z][0-9A-Za-z]*[a-zA-Z0-9]{2}#$
But this only matches 1 test case. I don't know how I can achieve the middle part of two hashes. I tried to explain my problem as per my english. Please help.
Below test cases should pass
userabcd#4a39A234a#
randomuser#4A39a234A#
abcduser#2Aa39232A#
abcdxyz#1q39A231q#
randzzs#1aB1a#
Below test cases should fail:
randuser#1aaa1a#
randuser#1112#
randuser#a1a1##
randuser#1aa#
u#4a39a234a#
userstre#1qqeqe123231q$
user#1239a23$a#
useabcd#4a39a234a#12
You may try:
^[a-z]{5,}#(?=[^a-z\n]*[a-z])(?=[^A-Z\n]*[A-Z])(\d[a-zA-Z])[a-zA-Z\d]*\1#$
Explanation of the above regex:
^, $ - Represents start and end of the line respectively.
[a-z]{5,} - Matches lower case user names 5 or more times.
# - Matches # literally.
(?=[^a-z]*[a-z]) - Represents a positive look-ahead asserting at least one lowercase letter.
(?=[^A-Z]*[A-Z]) - Represents a positive look-ahead asserting at least one uppercase letter.
(\d[a-zA-Z]) - Represents a capturing group matching first 2 character i.e. a digit and a letter. If you want other way then use [a-zA-Z]\d.
[a-zA-Z\d]* - Matching zero or more of the characters in mentioned character set.
\1 - Represents back-reference exactly matching the captured group.
You can find the demo of the above regex in here.
Note: If you want to match one string at a time i.e. for practical purposes; remove \n from the character sets.
You can use this regex as an alternative.
^[a-z]{5,}#(?=.*?[a-z])(?=.*?[A-Z])(\d[a-zA-Z])[a-zA-Z\d]*\1#$
Recommended reading: Principle of contrast
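Both patterns from the answers above, run against the question's own test cases, as an added Python example (not code from the thread). The names `CONTRAST`, `LAZY_DOT`, `is_valid` and `mismatches` are assumptions of this example, and it uses `fullmatch` because Python's `$` also matches just before a trailing newline.

```python
import re

# Both patterns are copied verbatim from the answers above.
CONTRAST = re.compile(
    r"^[a-z]{5,}#(?=[^a-z\n]*[a-z])(?=[^A-Z\n]*[A-Z])(\d[a-zA-Z])[a-zA-Z\d]*\1#$"
)
LAZY_DOT = re.compile(
    r"^[a-z]{5,}#(?=.*?[a-z])(?=.*?[A-Z])(\d[a-zA-Z])[a-zA-Z\d]*\1#$"
)

# Test cases exactly as listed in the question.
SHOULD_PASS = [
    "userabcd#4a39A234a#", "randomuser#4A39a234A#", "abcduser#2Aa39232A#",
    "abcdxyz#1q39A231q#", "randzzs#1aB1a#",
]
SHOULD_FAIL = [
    "randuser#1aaa1a#", "randuser#1112#", "randuser#a1a1##", "randuser#1aa#",
    "u#4a39a234a#", "userstre#1qqeqe123231q$", "user#1239a23$a#",
    "useabcd#4a39a234a#12",
]


def is_valid(token, pattern=CONTRAST):
    """Validate one token. fullmatch() is used because with match(), `$`
    would also accept the token followed by a single trailing newline."""
    return pattern.fullmatch(token) is not None


def mismatches(pattern):
    """Return every test case from the question that the pattern gets wrong."""
    wrong = [t for t in SHOULD_PASS if not is_valid(t, pattern)]
    wrong += [t for t in SHOULD_FAIL if is_valid(t, pattern)]
    return wrong


if __name__ == "__main__":
    print("contrast mismatches:", mismatches(CONTRAST))
    print("lazy-dot mismatches:", mismatches(LAZY_DOT))
    # A 4-character middle can hold only one letter case, so the two
    # lookaheads already enforce the "at least 5 characters" rule.
    print("4-char middle accepted:", is_valid("randuser#1a1a#"))
    print("trailing newline via match():",
          CONTRAST.match("randzzs#1aB1a#\n") is not None)
```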

Regex: Validate if a string is [a-zA-Z0-9] only, 8+ chars, has at least one of lowercase, uppercase, digits

The question is pretty much in the title. I need to check if a string is alphanumerical only - no special characters, and that it contains at least one lowercase letter, at least one uppercase letter, at least one number.
passWORD1 validates, password2, PASSWORD3, passWORD, passWORD5*, psWD6 would not.
It is similar to Regex to check if a string contains at least A-Za-z0-9 but not an &, but does not meet all the criteria. I also could go with iterating through the criteria, but I really need a regex to feed it to validate.js module (so JS/Node), which will only throw a single error stating all the password criteria at once.
You should try this:
"^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)[a-zA-Z\d]{8,}$"
^ Start of the string
(?=.*[a-z]) lowercase validation
(?=.*[A-Z]) uppercase validation
(?=.*\d) numbers validation
[a-zA-Z\d] characters allowed
{8,} minimum size (you can put the maximum after the comma)
$ End of the String
The regex you need fulfilling all your requirement is this,
^(?=[A-Z0-9]*[a-z])(?=[a-zA-Z]*[0-9])(?=[a-z0-9]*[A-Z])[a-zA-Z0-9]{8,}$
You basically need three positive lookaheads to ensure meeting your three conditions of minimum presence of three kinds of characters, and finally consume the alphanumeric characters using a character set followed by a quantifier, as mentioned in the regex.
Explanation:
^ - Start of string
(?=[A-Z0-9]*[a-z]) - Look ahead to ensure at least one lower case alphabet
(?=[a-zA-Z]*[0-9]) - Look ahead to ensure at least one digit
(?=[a-z0-9]*[A-Z]) - Look ahead to ensure at least one upper case alphabet
[a-zA-Z0-9]{8,} - Captures eight or more alphanumeric characters
$ - Matches end of string
Regex Demo

Regex for pattern with hyphens

Is there a regex in Java that allows alphanumeric characters (both upper and lower case), has to start with a letter, could end with a letter or a digit and also contain hyphens in the middle?
I have ^[a-zA-Z][A-Za-z0-9-]$ but not sure if it could work for all cases.
^[A-Za-z]([A-Za-z0-9-]*[A-Za-z0-9])?$
^[A-Za-z]: starting with a letter
(...)?$: optionally followed by this group, and end in it
[A-Za-z0-9-]*: any number of letters, digits and hyphens
[A-Za-z0-9]: one letter or digit
You need point 2 or you'll miss single-letter sequences, which are also valid according to your description
With Python, I do this:
(?i)^[a-z]([a-z\d-]*[a-z\d])?$

Need a Regex that contains at least one number, zero or more letters, no spaces, min/max

I need a regular expression that will match a string that contains:
at least one number
zero or more letters
no other characters such as spaces
The string must also be a minimum of 8 characters and a maximum of 13 characters.
Placement of the numbers and/or letters within the 8-13 character string does not matter. I haven't figured out how to make sure that the string contains a number, but here are some expressions that don't work because they are picking up spaces in the online tool Regexr. Take a look below:
- ([\w^/s]){8,13}
- ([a-zA-Z0-9]){8,13}
- ([a-zA-Z\d]){8,13}
I am specifically looking to exclude spaces and special characters. The linked and related questions all appear to allow for these characters. This is not for validating passwords, it is for detecting case numbers in natural language processing. This is different from "Password REGEX with min 6 chars, at least one letter and one number and may contain special characters" because I am looking for at least one number but zero or more letters. I also do not want to return strings that contain any special characters including spaces.
This is a typical password validation with your requirements.
Note that this will also match 8-13 digits as well (but it is requested).
Ten million + 1 (and counting) happy customers ..
^(?=.*\d)[a-zA-Z\d]{8,13}$
Explained
^ # Beginning of string
(?= .* \d ) # Lookahead for a digit
[a-zA-Z\d]{8,13} # Consume 8 to 13 alphanum characters
$ # End of string
I've seen the answer above (by sln) everywhere over the internet, but as far as I can tell, it is NOT ACCURATE.
If your string contains 8 to 13 characters with no numbers this expression will match it, because it uses the * quantifier on the wildcard character . in the positive lookahead.
In order to match at least 1 digit, 1 A-Z and 1 a-z in a password that's at least 8 characters long, you'll need something like this:
(?=.{1,7}\d)(?=.{1,7}[a-z])(?=.{1,7}[A-Z])[a-zA-Z\d]{8,13}
it uses 3 lookaheads:
(?=.{1,7}\d)
(?=.{1,7}[a-z])
(?=.{1,7}[A-Z])
Each time, it looks for the target (e.g. the first digit) but allows 1 to 7 occurrences of any character before it.
Then it will match 8 to 13 alphanumeric characters.
NOTE to Powershell users:
Use a search group to be able to extract a result
$password = [regex]::match(${string-to-search},'(?=.{1,7}\d)(?=.{1,7}[a-z])(?=.{1,7}[A-Z])([a-zA-Z\d]{8,13})').Groups[1].Value
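How the two patterns posted in this thread behave on constructed inputs, as an added Python example (not code from any of the posts). `IN_TEXT` is this example's own adaptation for the asker's stated use, finding case numbers inside running text: it swaps `^` and `$` for `\b` and lets the lookahead skip letters only. All names and the sample sentence are assumptions.

```python
import re

# Both patterns are copied verbatim from the answers in this thread.
ANCHORED = re.compile(r"^(?=.*\d)[a-zA-Z\d]{8,13}$")
WINDOWED = re.compile(
    r"(?=.{1,7}\d)(?=.{1,7}[a-z])(?=.{1,7}[A-Z])[a-zA-Z\d]{8,13}"
)

# Assumption of this example: for scanning running text, ^ and $ become \b,
# and the lookahead skips letters only, so the digit it finds has to sit
# inside the same alphanumeric token.
IN_TEXT = re.compile(r"\b(?=[a-zA-Z]*\d)[a-zA-Z\d]{8,13}\b")

# Constructed sample sentence.
SAMPLE_TEXT = (
    "Please reopen case 2021CV00417 and link it to AB1234567; the words "
    "password and internationalization, ticket 12345 and the overlong id "
    "ABCDEFGH123456789 are not case numbers."
)


def anchored_ok(candidate):
    """Whole-string check with the first answer's pattern."""
    return ANCHORED.fullmatch(candidate) is not None


def windowed_ok(candidate):
    """Whole-string check with the later answer's pattern."""
    return WINDOWED.fullmatch(candidate) is not None


def find_case_numbers(text):
    """Return every 8-13 character alphanumeric token holding a digit."""
    return IN_TEXT.findall(text)


if __name__ == "__main__":
    # Constructed candidates: no digit, digits only, digit first, digit ninth.
    for s in ["abcdefgh", "12345678", "1abcdefG", "a1bcdefG", "abcdefgH1"]:
        print(f"{s!r}: anchored={anchored_ok(s)} windowed={windowed_ok(s)}")
    print(find_case_numbers(SAMPLE_TEXT))
```

The `.{1,7}` windows only look at positions 2 to 8 of the candidate, which is why the digit-first and digit-ninth inputs come out differently under the two patterns.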