I have a requirement to develop a password validation with the following criteria:
- at least one upper case letter;
- at least one lower case letter;
- at least on digit;
- may include some special characters;
- must have a length between 8 and 12;
I have developed this:
(?=.*\d)(?=.*[A-Z])(?=.*[a-z])(?=.*[!#$&%*_+-=?|]).{8,12}
But recently, the requirements have changed and I need to implement a black list of characters, for example:
- password must not have the letter "o" or "O"; // lower case and upper case O for Oscar
- password must not have the digit 0; // number zero
How do I go about keeping the initial requirements and add these new validations?
Thanks
JB
Problem is hyphen appearing in the middle of character class. Hyphen can remain unescaped only when it is first or last in character class so following regex should work:
(?!.*[oO0])(?=.*\d)(?=.*[A-Z])(?=.*[a-z])(?=.*[!#$&%*+=?|-]).{8,12}
Live Demo: http://www.rubular.com/r/AI928rE8Aj
Related
This is my regex which restricts any characters other than numbers -(minus) and .(dot)
Regex is as follows
(?!^-)[^0-9\.]
which allows - (minus) only at the start, But i would like to know If i can allow .(dot) only once and restrict the user to type the next .(dot)
My code
oninput => "this.value = this.value.replace(/(?!^-)[^0-9\.]/g,'')"
You want to allow:
Optional leading minus (-?)
At least one digit (\d+)
Optional suffix: a dot, followed by at least one digit (\.\d+)
An appropriate regex is:
^-?\d+(?:\.\d+)?$
As I understand, the user is to be restricted to entering the string representation of an integer or float (possibly negative), and that restrictions are to be imposed on a character-to-character basis. You therefore need a sequence of dynamically-constructed regular expressions that each match a single-character string.
I assume the user enters RETURN to signal that no more characters are to be entered. The user is to be permitted to enter RETURN only when the previous entry was a digit.
Define r = /[-\d]/.
The first character entered must match r.
If the first character entered is '-', set r = /\d/, else (as the first character was a digit) set r = /[\d.]/.
If the previous character was a period update r = /\d/ and require the user to enter a character that matches r (i.e, a digit); else the user may press RETURN or enter a character that matches r (which could be /\d/ or /[\d.]/).
Repeat step 4 until the user presses RETURN.
Note that, in step 4, once r is set /\d/ it remains at that value until the user presses RETURN.
If a user entry (including RETURN) is rejected it would be helpful to display a message giving the reason for it being rejected.
I am new in regular expression.
I want to validate my password which must contains any three from below:
One digit
one Lower letter
one Upper case Letter
One special letter from this set of characters
.~^;:?=##${}|_()*,-
If any user enters One digit, One lower case letter, One Upper case letter and Special letter not from above group i.e 1234S%n&, expression should return false.
I have tried below expression :
(?=.*\d)(?=.*[A-Z])(?=.*[a-z]).*$|(?=.*\d)(?=.*[A-Z])(?=.*[.~^;:?=##${}|_()*,-])(?!.*[+&%<>]).*$|(?=.*\d)(?=.*[a-z])(?=.*[.~^;:?=##${}|_()*,-])(?!.*[&+%<>]).*$|(?=.*[A-Z])(?=.*[a-z])(?=.*[.~^;:?=##${}|_()*,-])(?!.*[&+%<>]).*$
Please help me to solve my confusion
Match "at least n criteria, any of the following" is not very easy to do in a single regex.
I would recommend against it, and doing it in multiple steps (quick&dirty pseudo code):
password = "1234S%x"
i = 0
// only allowed characters are in the string
char_validated = password.find("^[a-zA-Z0-9.~^;:?=##${}|_()*,-]+$")
if password.find("[0-9]") then i++ // check for at least one digit
if password.find("[a-z]") then i++ // check for at least one lowercase
if password.find("[A-Z]") then i++ // check for at least one uppercase
if password.find("[.~^;:?=##${}|_()*,-]") then i++ // check for at least one special
if (i>=3 && char_validated) then ok
If you really need to do it in one regex, you could use your refactored not-easy-on-the-eye regex:
^(?:(?=.*\d)(?:(?=.*[A-Z])(?=.*[a-z])|(?=.*[A-Z])(?=.*[.~^;:?=##${}|_()*,-])|(?=.*[a-z])(?=.*[.~^;:?=##${}|_()*,-]))|(?=.*[A-Z])(?=.*[a-z])(?=.*[.~^;:?=##${}|_()*,-]))[a-zA-Z0-9.~^;:?=##${}|_()*,-]+$
See demo here.
The idea is, instead of allowing anything after checking with lookaheads, to force the allowed characters with [a-zA-Z0-9.~^;:?=##${}|_()*,-]
I have been searching for regular expression which accepts at least two digits and one special character and minimum password length is 8. So far I have done the following: [0-9a-zA-Z!##$%0-9]*[!##$%0-9]+[0-9a-zA-Z!##$%0-9]*
Something like this should do the trick.
^(?=(.*\d){2})(?=.*[a-zA-Z])(?=.*[!##$%])[0-9a-zA-Z!##$%]{8,}
(?=(.*\d){2}) - uses lookahead (?=) and says the password must contain at least 2 digits
(?=.*[a-zA-Z]) - uses lookahead and says the password must contain an alpha
(?=.*[!##$%]) - uses lookahead and says the password must contain 1 or more special characters which are defined
[0-9a-zA-Z!##$%] - dictates the allowed characters
{8,} - says the password must be at least 8 characters long
It might need a little tweaking e.g. specifying exactly which special characters you need but it should do the trick.
There is no reason, whatsoever, to implement all rules in a single regex.
Consider doing it like thus:
Pattern[] pwdrules = new Pattern[] {
Pattern.compile("........"), // at least 8 chars
Pattern.compile("\d.*\d"), // 2 digits
Pattern.compile("[-!"ยง$%&/()=?+*~#'_:.,;]") // 1 special char
}
String password = ......;
boolean passed = true;
for (Pattern p : pwdrules) {
Matcher m = p.matcher(password);
if (m.find()) continue;
System.err.println("Rule " + p + " violated.");
passed = false;
}
if (passed) { .. ok case.. }
else { .. not ok case ... }
This has the added benefit that passwort rules can be added, removed or changed without effort. They can even reside in some ressource file.
In addition, it is just more readable.
Try this one:
^(?=.*\d{2,})(?=.*[$-/:-?{-~!"^_`\[\]]{1,})(?=.*\w).{8,}$
Here's how it works shortly:
(?=.*\d{2,}) this part saying except at least 2 digits
(?=.*[$-/:-?{-~!"^_[]]{1,})` these are special characters, at least 1
(?=.*\w) and rest are any letters (equals to [A-Za-z0-9_])
.{8,}$ this one says at least 8 characters including all previous rules.
Below is map for current regexp (made with help of Regexper)
UPD
Regexp should look like this ^(?=(.*\d){2,})(?=.*[$-\/:-?{-~!"^_'\[\]]{1,})(?=.*\w).{8,}$
Check out comments for more details.
Try this regex. It uses lookahead to verified there is a least two digits and one of the special character listed by you.
^(?=.*?[0-9].*?[0-9])(?=.*[!##$%])[0-9a-zA-Z!##$%0-9]{8,}$
EXPLANATION
^ #Match start of line.
(?=.*?[0-9].*?[0-9]) #Look ahead and see if you can find at least two digits. Expression will fail if not.
(?=.*[!##$%]) #Look ahead and see if you can find at least one of the character in bracket []. Expression will fail if not.
[0-9a-zA-Z!##$%0-9]{8,} #Match at least 8 of the characters inside bracket [] to be successful.
$ # Match end of line.
Regular expressions define a structure on the string you're trying to match. Unless you define a spatial structure on your regex (e.g. at least two digits followed by a special char, followed by ...) you cannot use a regex to validate your string.
Try this : ^.*(?=.{8,15})(?=.*\d)(?=.*\d)[a-zA-Z0-9!##$%]+$
Please read below link for making password regular expression policy:-
Regex expression for password rules
This question already has answers here:
Regexp Java for password validation
(17 answers)
Closed 8 years ago.
Working on a project where it requires me to have a password field using pattern attribute.
Not really done a lot of regex stuff and was wondering whether someone could help out.
The requirements for the field are as follows:
Can't contain the word "password"
Must be 8-12 in length
Must have 1 upper case
Must have 1 lower case
Must have 1 digit
Now, so far I have the following:
[^(password)].(?=.*[0-9])?=.*[a-zA-Z]).{8,12}
This doesn't work. We can get it so everything else works, apart from the password string being matched.
Thanks in advance,
Andy
EDIT: the method we've used now (nested in comments below) is:
^(?!.*(P|p)(A|a)(S|s)(S|s)(W|w)(O|o)(R|r)(D|d)).(?=.*\d)(?=.*[a-zA-Z]).{8,12}$
Thanks for the help
Use a series of anchored look aheads for the :must contain" criteria:
^(?!.*(?i)password)(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,12}$
I've added the "ignore case" switch (?i) to the "password" requirement, so it will reject `the word no matter the case of the letters.
This regex should to the job:
^(?!.*password)(?=.*\d)(?=.*[A-Z])(?=.*[a-z]).{8,12}$
it will match:
^ // from the beginning of the input
(?!.*password) // negative lookbehind whether the text contains password
(?=.*\d+) // positive lookahead for at least one digit
(?=.*[A-Z]+) // positive lookahead for at least one uppercase letter
(?=.*[a-z]+) // positive lookahead for at least one lowercase letter
.{8,12} // length of the input is between 8 and 12 characters
$
Link to phpliveregex
Try This:
^(?!.*password)(?=.*[A-Z])(?=.*[0-9])(?=.*[a-z]).{8,12}$
Explanation
^ Start anchor
(?=.*[A-Z]) Ensure string has one uppercase letter
(?=.*[0-9]) Ensure string has one digits.
(?=.*[a-z]) Ensure string has one lowercase letter
{8,12} Ensure string is of length 8 - 12.
(?!.*password) Not of word password
$ End anchor.
Try this way
Public void validation()
string xxxx = "Aa1qqqqqq";
if (xxxx.ToUpper().Contains("password") || !(xxxx.Length <= 12 & xxxx.Length >= 8) || !IsMatch(xxxx, "(?=.*[A-Z])") || !IsMatch(xxxx, "(?=.*[a-z])") || !IsMatch(xxxx, "(?=.*[0-9])"))
{
throw new System.ArgumentException("Your error message here", "Password");
}
}
public bool IsMatch(string input, string pattern)
{
Match xx = Regex.Match(input, pattern);
return xx.Success;
}
I have a requirement for password rules. Following are the rules.
The password must follow the following guidelines:
Be at least eight characters long
Contain 3 of these 4 options: lower case letter, upper case letter, number, or special character
When user specifies a password that does not meet the above rules, return message stating:
Password must be at least 8 characters long and contain 3 of the 4 following options:
Lower case letter (a-z)
Upper case letter (A-Z)
Number (0-9)
Special character (!##$%^&')
Please help me to get a regex expression to handle above conditions.
i appreciate all your help. following is the solution for my requirement
if(password.matches("^(?=.*[0-9]).{1,}$")){
validCount++;
}
if(password.matches("^(?=.*[a-z]).{1,}$")){
validCount++;
}
if(password.matches("^(?=.*[A-Z]).{1,}$")){
validCount++;
}
if(password.matches("^(?=.*[##$%^&+=]).{1,}$")){
validCount++;
}
return validCount >= 3 ? true : false;
Thanks,
Ramki
This is, if you want an elegant regex, as close as you can get
^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[!##$%^&'])[^ ]{8,}$
The basic idea is to use a technique called "positive lookahead" :
(?=.*PutHereWhatYouWantToAllow)
Your extra requirement 3 out of 4 is not easy to solve with regexes cause you cannot make them count basically.
You could write out the necessary permutations of the above regex (tell me if it doesn't make sense) but that would make a very long regex.
What you could do is write out the permutations in code so that the regex stays maintainable since you are not repeating the patterns literally.
I'll have a shot if I you tell me your language (C#?) cause it's a good challenge.
Update 1
Here is the regex that will match at least 3 of your requirements (4 is also allowed), just for the challenge of it. Don't use this in production but loop in the language with individual regexes as mentioned in the comments.
^((?=.[a-z].[A-Z].[\d])|(?=.[a-z].[\d].[A-Z])|(?=.[A-Z].[a-z].[\d])|(?=.[A-Z].[\d].[a-z])|(?=.[\d].[a-z].[A-Z])|(?=.[\d].[A-Z].[a-z])|(?=.[a-z].[A-Z].[!##$%^&'])|(?=.[a-z].[!##$%^&'].[A-Z])|(?=.[A-Z].[a-z].[!##$%^&'])|(?=.[A-Z].[!##$%^&'].[a-z])|(?=.[!##$%^&'].[a-z].[A-Z])|(?=.[!##$%^&'].[A-Z].[a-z])|(?=.[a-z].[\d].[!##$%^&'])|(?=.[a-z].[!##$%^&'].[\d])|(?=.[\d].[a-z].[!##$%^&'])|(?=.[\d].[!##$%^&'].[a-z])|(?=.[!##$%^&'].[a-z].[\d])|(?=.[!##$%^&'].[\d].[a-z])|(?=.[A-Z].[\d].[!##$%^&'])|(?=.[A-Z].[!##$%^&'].[\d])|(?=.[\d].[A-Z].[!##$%^&'])|(?=.[\d].[!##$%^&'].[A-Z])|(?=.[!##$%^&'].[A-Z].[\d])|(?=.[!##$%^&'].[\d].[A-Z]))[^ ]{8,}$
Update 2
This is the approach to take in java
From the comments I read that you are testing like the following
lowercase "^[a-z]*$";
uppercase "^[A-Z]*$";
digits="^[0-9]*$";
I don't think you are on the right track here. The lowercase will only report success if all characters are lowercase, and not just one. Same remark for the rest.
These are the 4 individual regexes of which at least 3 should report a match
[a-z]
[A-Z]
\d
[!##$%^&']
Here is the test that the password should not contain a space
^[^ ]*$
The test for at least 8 characters
.{8,}
So I split the requirements and not combine them. This should make for more readable code especially if one starts with regexes.
Here's how I would do it:
import java.util.regex.Matcher;
import java.util.regex.Pattern;
public class ValidatePassword
{
public static void main (String[] args)
{
String pw = "abaslkA3FLKJ";
// create an array with 4 regex patterns
Pattern [] patternArray = {
Pattern.compile("[a-z]"),
Pattern.compile("[A-Z]"),
Pattern.compile("[0-9]"),
Pattern.compile("[&%$#]")
};
int matchCount = 0;
// iterate over the patterns looking for matches
for (Pattern thisPattern : patternArray) {
Matcher theMatcher = thisPattern.matcher(pw);
if (theMatcher.find()) {
matchCount ++;
}
}
if (matchCount >= 3) {
System.out.println("Success");
}
else {
System.out.println("Failure: only " + matchCount + " matches");
}
}
}
I only added a few special characters to the 4th pattern... You'll have to modify it for your needs. You may need to escape certain characters with a backslash. You may also want to add other constraints like checking for no spaces. I'll leave that up to you.