This question already has answers here:
Regex for password must contain at least eight characters, at least one number and both lower and uppercase letters and special characters
(42 answers)
Closed 3 years ago.
The requirements I've been set are...
MUST match (1 minimum character/number):
1 number (?=.*\d)
1 lower case character (?=.*[a-z])
1 upper case character (?=.*[A-Z])
no whitespace (?!.*\s)
Between 8 and 40 characters .{8,40}
CAN match, but doesn't have to:
Special characters limited to $*%!.,^
This is what I have so far: /(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?!.*\s).{8,40}/
I'd like to keep it segmented out the way I do for readability - Unless there's a reason not to?! Happy to change if there are any performance benefits, or if I've done something silly/pointless?
The above works for the most part, including my special characters. However, when I type in a "restricted" character, such as #, it still matches.
I'm a bit lost, so any help would be very much appreciated! Thank you!
Examples of what SHOULD match:
abcABC123
aaBB33!!
!a*Bc9!.abBC*4
Examples of what SHOULD NOT match:
abc ABC 123
abc#ABC?123
áááBBB333
Restrictions:
Anything that is NOT a-z A-Z 0-9 or $*%!.,^ is considered a restricted character
You can use:
^(?=\D*\d)(?=[^a-z]*[a-z])(?=[^A-Z]*[A-Z])[a-zA-Z\d$*%!.,^]{8,40}$
^(?=\D*\d) - require a digit somewhere
(?=[^a-z]*[a-z]) - require a lowercase char somewhere
(?=[^A-Z]*[A-Z]) - require a uppercase char somewhere
[a-zA-Z\d$*%!.,^]{8,40}$ - from start to finish require 8 to 40 of these whitelisted chars in any order
Test your strings one at a time at https://regex101.com/r/lrABwJ/1
Related
I tried this expression -
^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[#?!#$%^&*-]).{8,}$
This regex will enforce these rules:
At least one upper case English letter, (?=.*?[A-Z])
At least one lower case English letter, (?=.*?[a-z])
At least one digit, (?=.*?[0-9])
At least one special character, (?=.*?[#?!#$%^&*-])
Minimum eight in length .{8,} (with the anchors)
How will be the regular expression for below requirement.
Passwords that are 13 characters or longer only require lower case
letters
Passwords must contain at least 8 characters
Passwords between 8 and 13 characters require at least 3 of the
following 4 categories of characters:
Uppercase letters
Lowercase letters
Numbers
Symbols
While a single regex may not be the most readable / sane way to do this, it's actually rather straightforward:
^(?=.*?[a-z])(.{13,}|(?=.*?[A-Z])(?=.*?[0-9])(?=.*?[#?!#$%^&*-]).{8,12})$
I've simply added an alteration on the length so that 13+ chars merely requires [a-z] while 8-12 chars (one could omit the upper bound due to ordering) requires the full monty.
This question already has answers here:
Regular expression to match at least two special characters in any order
(3 answers)
javascript regex for special characters
(15 answers)
Closed 3 years ago.
I am not very confortable with regex. I would like the password to have a minimum of 6 characters, including 2 special characters
I tried a first regex but it just returns false each time...
console.log(/^[a-zA-Z0-9!$#%]+$/.test(this.form.password));
I can test the number of characters another way but I would like to include the two special characters through the regex.
Thanks a lot in advance for your help
First lookahead for 6 characters, to ensure that enough exist in the input. Then, repeat twice: 0 or more normal characters, followed by a special character, to ensure that there are at least 2 special characters in the input. Then match 0 or more [special or normal] characters.
/^(?=.{6})(?:[a-z\d]*[!$#%]){2}[a-z\d!$#%]*$/i
https://regex101.com/r/ZyFZPm/2
^ - Start of string
(?=.{6}) - At least 6 characters
(?:[a-z\d]*[!$#%]){2} - Repeat twice:
[a-z\d]* - 0+ alphanumeric characters
[!$#%] - 1 special character
[a-z\d!$#%]* - Match both special and alphanumeric characters up to the end of the string
$ - End of string
This question already has an answer here:
Reference - What does this regex mean?
(1 answer)
Closed 6 years ago.
This is the javascript regular expression I'm confused about. I know that (?=) is the positive lookahead, but is there suppose to have a main expression before that?
/^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])\w{8,}$/
The answer says it matches a password which is:
at least
one number, one lowercase and one uppercase letter and at least 8 characters that
are letters, numbers or the underscore
But I don't see why. Can somebody explain a little?
Let's break it down:
/^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])\w{8,}$/
^ // Match the start of the string
(?=.*\d) // Make sure the string contains at least one digit
(?=.*[a-z]) // Make sure the string contains at least one lowercase letter
(?=.*[A-Z]) // Make sure the string contains at least one uppercase letter
\w{8,} // Match at least eight word characters (alphanumeric or underscore)
$ // Match the end of the string
(?=.*PATTERN) is a common way to ensure that a match string contains PATTERN.
It works because .* matches anything (except newline characters); the lookahead literally means "This regex should only match if you find PATTERN after something."
This question already has answers here:
Regex for password must contain at least eight characters, at least one number and both lower and uppercase letters and special characters
(42 answers)
Regular Expression for alphanumeric with first alphabet and at least one alphabet and one number
(2 answers)
Closed 7 years ago.
Disclaimer: This is a Codewars problem.
You need to write regex that will validate a password to make sure it
meets the following criteria:
At least six characters long
contains a lowercase letter
contains an uppercase letter
contains a number
Valid passwords will only be
alphanumeric characters.
So far, this is my attempt:
function validate(password) {
return /^[A-Za-z0-9]{6,}$/.test(password);
}
What this does so far is make sure that each character is alphanumeric and that the password has at least 6 characters. It seems to work properly in those regards.
I am stuck on the part where it requires that a valid password have at least one lowercase letter, one uppercase letter, and one number. How can I express these requirements along with the previous ones using a single regular expression?
I could easily do this in JavaScript, but I wish to do it through a regular expression alone since this is what the problem is testing.
You need to use lookaheads:
function validate(password) {
return /^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])[A-Za-z0-9]{6,}$/.test(password);
}
Explanation:
^ # start of input
(?=.*?[A-Z]) # Lookahead to make sure there is at least one upper case letter
(?=.*?[a-z]) # Lookahead to make sure there is at least one lower case letter
(?=.*?[0-9]) # Lookahead to make sure there is at least one number
[A-Za-z0-9]{6,} # Make sure there are at least 6 characters of [A-Za-z0-9]
$ # end of input
I'm trying to get regex for minimum requirements of a password to be minimum of 6 characters; 1 uppercase, 1 lowercase, and 1 number. Seems easy enough? I have not had any experience in regex's that "look ahead", so I would just do:
if(!pwStr.match(/[A-Z]+/) || !pwStr.match(/[a-z]+/) || !pwStr.match(/[0-9]+/) ||
pwStr.length < 6)
//was not successful
But I'd like to optimize this to one regex and level up my regex skillz in the process.
^.*(?=.{6,})(?=.*[a-zA-Z])(?=.*\d)(?=.*[!&$%&? "]).*$
^.*
Start of Regex
(?=.{6,})
Passwords will contain at least 6 characters in length
(?=.*[a-zA-Z])
Passwords will contain at least 1 upper and 1 lower case letter
(?=.*\d)
Passwords will contain at least 1 number
(?=.*[!#$%&? "])
Passwords will contain at least given special characters
.*$
End of Regex
here is the website that you can check this regex - http://rubular.com/
Assuming that a password may consist of any characters, have a minimum length of at least six characters and must contain at least one upper case letter and one lower case letter and one decimal digit, here's the one I'd recommend: (commented version using python syntax)
re_pwd_valid = re.compile("""
# Validate password 6 char min with one upper, lower and number.
^ # Anchor to start of string.
(?=[^A-Z]*[A-Z]) # Assert at least one upper case letter.
(?=[^a-z]*[a-z]) # Assert at least one lower case letter.
(?=[^0-9]*[0-9]) # Assert at least one decimal digit.
.{6,} # Match password with at least 6 chars
$ # Anchor to end of string.
""", re.VERBOSE)
Here it is in JavaScript:
re_pwd_valid = /^(?=[^A-Z]*[A-Z])(?=[^a-z]*[a-z])(?=[^0-9]*[0-9]).{6,}$/;
Additional: If you ever need to require more than one of the required chars, take a look at my answer to a similar password validation question
Edit: Changed the lazy dot star to greedy char classes. Thanks Erik Reppen - nice optimization!
My experience is if you can separate out Regexes, the better the code will read. You could combine the regexes with positive lookaheads (which I see was just done), but... why?
Edit:
Ok, ok, so if you have some configuration file where you could pass string to compile into a regex (which I've seen done and have done before) I guess it is worth the hassle. But otherwise, Even if the answers provided are corrected to match what you need, I'd still advise against it unless you intend to create such a thing. Separate regexes are just so much nicer to deal with.
I haven't tested thoroughly but here's a more efficient version of Amit's. I think his also allowed unspecified characters into the mix (which wasn't technically listed as a rule). This one won't go berserk on you if you accidentally target a large hunk of text, it will fail sooner on strings that are too long and it only allows the characters in the final class.
'.' should be used sparingly. Think of the looping it has to do to determine a match with all the characters it can represent. It's much more efficient to use negating classes.
`^(?=[^0-9]{0,9}[0-9])(?=[^a-z]{0,9}[a-z])(?=[^A-Z]{0,9}[A-Z])(?=[^##$%]{0,9}[##$%])[0-9a-zA-Z##$%]{6,10`}$
There's nothing wrong with trying to find the ideal regEx. But split it up when you need to.
RegEx tends to be explained poorly. I'll add a breakdown:
a - a single 'a' character
ab - a single 'a' character followed by a single b character
a* - 0 or more 'a' characters
a+ - one or more 'a' characters
a+b - one or any number of a characters followed by a single b character.
a{6,} - at least 6 'a' characters (would match more)
a{6,10} - 6-10 'a' characters
a{10} - exactly 10 'a' characters iirc - not very useful
^ - beginning of a string - so ^a+ would not math 'baaaa'
$ - end of a string - b$ would not find a match 'aaaba'
[] signifies a character class. You can put a variety of characters inside it and every character will be checked. By itself only whatever string character you happen to be on is matched against. It can be modified by + and * as above.
[ab]+c - one or any number of a or b characters followed by a single c character
[a-zA-Z0-9] - any letter, any number - there are a bunch of \<some key> characters representing sets like \d for 'digits' I'm guessing. \w iirc is basically [a-zA-Z_]
note: '\' is the escape key for character classes. [a\-z] for 'a' or '-' or 'z' rather than anything from a to z which is what [a-z] means
[^<stuff>] a character class with the caret in front means everything but the characters or <stuff> listed - this is critical to performance in regEx matches hitting large strings.
. - wildcard character representing most characters (exceptions are a handful of really old-school whitespace characters). Not a big deal in very small sets of characters but avoid using it.
(?=<regex stuff>) - a lookahead. Doesn't move the parser further down the string if it matches. If a lookahead fails, the whole match fails. If it succeeds, you go back to the same character before it. That's why we can string a bunch together to search if there's at least one of a given character.
So:
^ - at the beginning followed by whatever is next
(?=[^0-9]{0,9}[0-9]) - look for a digit from 0-9 preceded by up to 9 or 0 instances of anything that isn't 0-9 - next lookahead starts at the same place
etc. on the lookaheads
[0-9a-zA-Z##$%]{6,10} - 6-10 of any letter, number, or ##$% characters
No '$' is needed because I've limited everything to 10 characters anyway