Check password valid using regex in javascript - javascript

The password must be eight characters or longer
The password must contain at least 2 lowercase alphabetical character.
The password must contain at least 2 uppercase alphabetical character.
The password must contain at least 2 numeric character.
The password must contain at least 2 special character.
My code
function checkPass(pw) {
var regx = new RegExp("^(?=.*[a-z]{2})(?=.*[A-Z]{2})(?=.*[0-9]{2})(?=.*[!##\$%\^&\*\)\(]{2})(?=.{8,})");
return regx.test(pw);
}
checkPass('PAssword12#$') => true
checkPass('PaSsword12#$') => false
I want to funtion return true when 2 uppercase character is not sequential.
Thanks!

You need to use the $ anchor to check for length (and best is to move that check out from lookaheads) and to allow some non-uppercase letters in between like this:
function checkPass(pw) {
var regx = /^(?=(?:[^a-z]*[a-z]){2})(?=(?:[^A-Z]*[A-Z]){2})(?=(?:\D*\d){2})(?=(?:[^!##$%^&*)(]*[!##$%^&*)(]){2}).{8,}$/;
return regx.test(pw);
}
document.write(checkPass('PAssword12#$') + "<br>");
document.write(checkPass('PaSsword12#$'));
Note that I used the principle of contrast: (?:[^a-z]*[a-z]){2} matches 2 sequences of symbols other than a-z zero or more times followed by 1 lowercase letter. I modified all the lookaheads the same way.

Rather than having [A-Z]{2} which will only match two uppercase characters together, you'll have to put in an optional match for any other characters in between two separate ranges (you'll have to do this for the lowercase, numbers and symbols as well). So you would instead put
[A-Z].*?[A-Z]
You also don't actually need to check whether it's at least 8 characters, because any password meeting the criteria for lowercase/uppercase letters, numbers and symbols has to be 8 characters at minimum anyway.

Related

Password regex that requires “at least two of” certain characters

Im working on javascript regex which includes having following conditions. So far with no luck.
-The minimum character count allowed is 8.
-The maximum character count allowed is 64.
-The entered text should include at least two of the following - numbers, lowercase letters, uppercase
letters, Special characters.
-Entering symbols will not be supported.
So far what I have is this #anubhava answer here.
^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[#?!#$%^&*-]).{8,63}$
This regex will enforce these rules:
-At least one upper case English letter, (?=.*?[A-Z])
-At least one lower case English letter, (?=.*?[a-z])
-At least one digit, (?=.*?[0-9])
-At least one special character, (?=.?[#?!#$%^&-])
-Minimum eight in length .{8,63} (with the anchors)
My Question is how do I satify my 3rd and 4th conditions Which is :-
-The entered text should include at least two of the following - numbers, lowercase letters, uppercase
letters, Special characters.
-Entering symbols will not be supported.
Any help would be appreciated.
^(?!.*[^A-Za-z0-9#?!#$%^&*-]$)(?![a-z]*$)(?![A-Z]*$)(?![0-9]*$)(?![#?!#$%^&*-]*$).{8,64}$
The string should not contain any symbol outside the 4 groups of characters
^(?!.*[^A-Za-z0-9#?!#$%^&*-]$)
The string should not consist only of lower letters
(?![a-z]*$)
The string should not consist only of upper letters
(?![A-Z]*$)
The string should not consist only of digits
(?![0-9]*$)
The string should not consist only of special characters
(?![#?!#$%^&*-]*$)
The string should consist of 8 to 64 characters
.{8,64}$
UPDATED 2020-09-07
If the string should contain symbols of at list 3 groups of 4
^(?!.*[^A-Za-z0-9#?!#$%^&*-]$)((?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])|(?=.*[a-z])(?=.*[A-Z])(?=.*[#?!#$%^&*-])|(?=.*[a-z])(?=.*[0-9])(?=.*[#?!#$%^&*-])|(?=.*[A-Z])(?=.*[0-9])(?=.*[#?!#$%^&*-])).{8,64}$
The string should not contain any symbol outside the 4 groups of characters
^(?!.*[^A-Za-z0-9#?!#$%^&*-]$)
Then 4 variants of 3 groups of 4 that the symbols should be member of:
(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])
or
(?=.*[a-z])(?=.*[A-Z])(?=.*[#?!#$%^&*-])
or
(?=.*[a-z])(?=.*[0-9])(?=.*[#?!#$%^&*-])
or
(?=.*[A-Z])(?=.*[0-9])(?=.*[#?!#$%^&*-])
and finally the string should consist of 8 to 64 characters
.{8,64}$
var regex =/^(?=.*\d)(?=.*[!##$%^&*])(?=.*[a-z])(?=.*[A-Z]).{8,64}$/;
function test() {
if(regex.test(document.getElementById("txtPassword").value)===false)
{
alert("Min 8,Max 64,At Least One Uppercase Character,One Lowercase Character,One Numeric Value And One Special Character(!##$%^&*) Required ");
}
else
{
alert("Success");
}
}
<input type="text" id="txtPassword" />
<button id="testBtn" onclick=test()>CheckPassword</button>
Text includes at least two of the following - numbers, lowercase letters, uppercase letters, Special characters. No characters outside [A-Za-z0-9#?!#$%^&*-]
^(?=.*?[A-Z])(?=.*?[a-z])(?!.*?[^A-Za-z0-9#?!#$%^&*-]).{8,63}$|^(?=.*?[A-Z])(?=.*?[0-9])(?!.*?[^A-Za-z0-9#?!#$%^&*-]).{8,63}$|^(?=.*?[A-Z])(?=.*?[#?!#$%^&*-])(?!.*?[^A-Za-z0-9#?!#$%^&*-]).{8,63}$|^(?=.*?[a-z])(?=.*?[0-9])(?!.*?[^A-Za-z0-9#?!#$%^&*-]).{8,63}$|^(?=.*?[a-z])(?=.*?[#?!#$%^&*-])(?!.*?[^A-Za-z0-9#?!#$%^&*-]).{8,63}$|^(?=.*?[0-9])(?=.*?[#?!#$%^&*-])(?!.*?[^A-Za-z0-9#?!#$%^&*-]).{8,63}$
Text includes at least three of the following - numbers, lowercase letters, uppercase letters, Special characters. No characters outside [A-Za-z0-9#?!#$%^&*-]
^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?!.*?[^A-Za-z0-9#?!#$%^&*-]).{8,63}$|^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[#?!#$%^&*-])(?!.*?[^A-Za-z0-9#?!#$%^&*-]).{8,63}$|^(?=.*?[A-Z])(?=.*?[0-9])(?=.*?[#?!#$%^&*-])(?!.*?[^A-Za-z0-9#?!#$%^&*-]).{8,63}$|^(?=.*?[a-z])(?=.*?[0-9])(?=.*?[#?!#$%^&*-])(?!.*?[^A-Za-z0-9#?!#$%^&*-]).{8,63}$

JavaScript RegEx, check if string contains * symbol and follows a set of specific rules [duplicate]

I want a regular expression to check that:
A password contains at least eight characters, including at least one number and includes both lower and uppercase letters and special characters, for example #, ?, !.
It cannot be your old password or contain your username, "password", or "websitename"
And here is my validation expression which is for eight characters including one uppercase letter, one lowercase letter, and one number or special character.
(?=^.{8,}$)((?=.*\d)|(?=.*\W+))(?![.\n])(?=.*[A-Z])(?=.*[a-z]).*$"
How can I write it for a password must be eight characters including one uppercase letter, one special character and alphanumeric characters?
Minimum eight characters, at least one letter and one number:
"^(?=.*[A-Za-z])(?=.*\d)[A-Za-z\d]{8,}$"
Minimum eight characters, at least one letter, one number and one special character:
"^(?=.*[A-Za-z])(?=.*\d)(?=.*[#$!%*#?&])[A-Za-z\d#$!%*#?&]{8,}$"
Minimum eight characters, at least one uppercase letter, one lowercase letter and one number:
"^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)[a-zA-Z\d]{8,}$"
Minimum eight characters, at least one uppercase letter, one lowercase letter, one number and one special character:
"^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[#$!%*?&])[A-Za-z\d#$!%*?&]{8,}$"
Minimum eight and maximum 10 characters, at least one uppercase letter, one lowercase letter, one number and one special character:
"^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[#$!%*?&])[A-Za-z\d#$!%*?&]{8,10}$"
You may use this regex with multiple lookahead assertions (conditions):
^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[#?!#$%^&*-]).{8,}$
This regex will enforce these rules:
At least one upper case English letter, (?=.*?[A-Z])
At least one lower case English letter, (?=.*?[a-z])
At least one digit, (?=.*?[0-9])
At least one special character, (?=.*?[#?!#$%^&*-])
Minimum eight in length .{8,} (with the anchors)
Regular expressions don't have an AND operator, so it's pretty hard to write a regex that matches valid passwords, when validity is defined by something AND something else AND something else...
But, regular expressions do have an OR operator, so just apply DeMorgan's theorem, and write a regex that matches invalid passwords:
Anything with less than eight characters OR anything with no numbers OR anything with no uppercase OR or anything with no lowercase OR anything with no special characters.
So:
^(.{0,7}|[^0-9]*|[^A-Z]*|[^a-z]*|[a-zA-Z0-9]*)$
If anything matches that, then it's an invalid password.
Use the following Regex to satisfy the below conditions:
Conditions:
Min 1 uppercase letter.
Min 1 lowercase letter.
Min 1 special character.
Min 1 number.
Min 8 characters.
Max 30 characters.
Regex:
/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[#$#!%&*?])[A-Za-z\d#$#!%&*?]{8,30}$/
Just a small improvement for #anubhava's answer: Since special character are limited to the ones in the keyboard, use this for any special character:
^(?=.*?[A-Z])(?=(.*[a-z]){1,})(?=(.*[\d]){1,})(?=(.*[\W]){1,})(?!.*\s).{8,}$
This regex will enforce these rules:
At least one upper case English letter
At least one lower case English letter
At least one digit
At least one special character
Minimum eight in length
I had some difficulty following the most popular answer for my circumstances. For example, my validation was failing with characters such as ; or [. I was not interested in white-listing my special characters, so I instead leveraged [^\w\s] as a test - simply put - match non word characters (including numeric) and non white space characters. To summarize, here is what worked for me...
at least 8 characters
at least 1 numeric character
at least 1 lowercase letter
at least 1 uppercase letter
at least 1 special character
/^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[^\w\s]).{8,}$/
JSFiddle Link - simple demo covering various cases
 
✅ The following 4 regex patterns can help you to write almost any password validation
 
 
Pattern 1:
 
Password must contain one digit from 1 to 9, one lowercase letter, one uppercase letter, one special character, no space, and it must be 8-16 characters long.
/^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*\W)(?!.* ).{8,16}$/
 
Explanation:
 
(?=.*[0-9]) means that the password must contain a single digit from 1 to 9.
 
(?=.*[a-z]) means that the password must contain one lowercase letter.
 
(?=.*[A-Z]) means that the password must contain one uppercase letter.
 
(?=.*\W) means that the password must contain one special character.
 
.{8,16} means that the password must be 8-16 characters long. We must use this at the end of the regex, just before the $ symbol.
 
What are ^ and $:
 
^ indicates the beginning of the string. $ indicates the end of the string.
If we don't use these ^ & $, the regex will not be able to determine the maximum length of the password. In the above example, we have a condition that the password can't be longer than 16 characters, to make that condition work, we have used these ^ & $
 
Remove maximum length restriction:
 
Instead of .{8,16}, if we used .{8,}, it would mean that the password must be at least 8 characters long. So, there will not be any condition for checking the maximum length of the password.
 
Don't accept any number(digit):
 
Instead of (?=.*[0-9]), if we used (?!.*[0-9]), it would mean that the password must not contain any digit from 1-9 (Difference with the (?=.*[0-9]) is the use of ! instead of =)
 
Don't accept any spcecial character:
 
Instead of (?=.*\W), if we used (?!.*\W), it would mean that the password must not contain any special characters (The difference with the (?=.*\W) is the use of ! instead of =)
 
Alternative Syntax for number(digit):
 
Instead of (?=.*[0-9]), we could have used (?=.*\d). (?=.*\d) also means that the password must contain a single digit from 1 to 9.
 
 
Pattern 2:
 
Password must contain one digit from 1 to 9, one lowercase letter, one uppercase letter, one underscore but no other special character, no space and it must be 8-16 characters long.
/^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*_)(?!.*\W)(?!.* ).{8,16}$/
 
Difference with the Pattern 1
 
Here, we have used (?=.*_) which wasn't on the Pattern 1.
 
(?=.*_)(?!.*\W) means that the password must contain an underscore but can not contain any other special character.
 
Pattern 3:
 
Password must contain one digit from 1 to 9, one lowercase letter, one uppercase letter, one underscore, no space and it must be 8-16 characters long. Usage of any other special character other than underscore is optional.
/^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*_)(?!.* ).{8,16}$/
 
Difference with the Pattern 2
 
Here, we have not used (?!.*\W) what was on the Pattern 2.
 
But it still has the (?=.*_)
 
By just removing the (?!.*\W), special characters have become optional. Now, one underscore is required but any other special character can be used or not as it's optional.
 
Pattern 4:
 
Password must contain one digit from 1 to 9, one lowercase letter, one uppercase letter, and one underscore, and it must be 8-16 characters long. Usage of any other special character and usage of space is optional.
/^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]).{8,16}$/
 
Difference with the Pattern 3
 
Here, we have not used (?=.*_) & (?!.* ) which was on the Pattern 3.
 
By removing (?=.*_), it's no longer mandatory to pass one underscore. Now, passing special characters is optional.
 
By removing the (?!.* ), usage of space has become optional too.
I would reply to Peter Mortensen, but I don't have enough reputation.
His expressions are perfect for each of the specified minimum requirements. The problem with his expressions that don't require special characters is that they also don't ALLOW special characters, so they also enforce maximum requirements, which I don't believe the OP requested. Normally you want to allow your users to make their password as strong as they want; why restrict strong passwords?
So, his "minimum eight characters, at least one letter and one number" expression:
^(?=.*[A-Za-z])(?=.*\d)[A-Za-z\d]{8,}$
achieves the minimum requirement, but the remaining characters can only be letter and numbers. To allow (but not require) special characters, you should use something like:
^(?=.*[A-Za-z])(?=.*\d).{8,}$ to allow any characters
or
^(?=.*[A-Za-z])(?=.*\d)[A-Za-z\d$#$!%*#?&]{8,}$ to allow specific special characters
Likewise, "minimum eight characters, at least one uppercase letter, one lowercase letter and one number:"
^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)[a-zA-Z\d]{8,}$
meets that minimum requirement, but only allows letters and numbers. Use:
^(?=.*[a-z])(?=.*[A-Z])(?=.*\d).{8,}$ to allow any characters
or
^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)[A-Za-z\d$#$!%*?&]{8,} to allow specific special characters.
A more "generic" version(?), allowing none English letters as special characters.
^(?=\S*[a-z])(?=\S*[A-Z])(?=\S*\d)(?=\S*[^\w\s])\S{8,}$
var pwdList = [
'##V4-\3Z`zTzM{>k',
'12qw!"QW12',
'123qweASD!"#',
'1qA!"#$%&',
'Günther32',
'123456789',
'qweASD123',
'qweqQWEQWEqw',
'12qwAS!'
],
re = /^(?=\S*[a-z])(?=\S*[A-Z])(?=\S*\d)(?=\S*[^\w\s])\S{8,}$/;
pwdList.forEach(function (pw) {
document.write('<span style="color:'+ (re.test(pw) ? 'green':'red') + '">' + pw + '</span><br/>');
});
Import the JavaScript file jquery.validate.min.js.
You can use this method:
$.validator.addMethod("pwcheck", function (value) {
return /[\#\#\$\%\^\&\*\(\)\_\+\!]/.test(value) && /[a-z]/.test(value) && /[0-9]/.test(value) && /[A-Z]/.test(value)
});
At least one upper case English letter
At least one lower case English letter
At least one digit
At least one special character
For standard password requirements I found this to be useful:
At least 1 alphabet
At least 1 digit
Contains no space
Optional special characters e.g. #$!%*#?&^_-
Minimum 8 characters long
/^(?=.*[A-Za-z])(?=.*\d)[A-Za-z\d#$!%*#?&^_-]{8,}$/
You can also set the upper limit for example {8,32} up to 32 characters long.
Try this one:
Minimum six characters
At least one uppercase character
At least one lowercase character
At least one special character
Expression:
"/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[$#$!%*?&.])[A-Za-z\d$#$!%*?&.]{6, 20}/"
Optional Special Characters:
At least one special character
At least one number
Special characters are optional
Minimum six characters and maximum 16 characters
Expression:
"/^(?=.*\d)(?=.*[a-zA-Z]).{6,20}$/"
If the min and max condition is not required then remove .{6, 16}
6 is minimum character limit
20 is maximum character limit
?= means match expression
This worked for me:
^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*[#$!%*?&])([a-zA-Z0-9#$!%*?&]{8,})$
At least 8 characters long;
One lowercase, one uppercase, one number and one special character;
No whitespaces.
Not directly answering the question, but does it really have to be a regex?
I used to do lots of Perl, and got used to solving problems with regexes. However, when they get more complicated with all the look-aheads and other quirks, you need to write dozens of unit tests to kill all those little bugs.
Furthermore, a regex is typically a few times slower than an imperative or a functional solution.
For example, the following (not very FP) Scala function solves the original question about three times faster than the regex of the most popular answer. What it does is also so clear that you don't need a unit test at all:
def validatePassword(password: String): Boolean = {
if (password.length < 8)
return false
var lower = false
var upper = false
var numbers = false
var special = false
password.foreach { c =>
if (c.isDigit) numbers = true
else if (c.isLower) lower = true
else if (c.isUpper) upper = true
else special = true
}
lower && upper && numbers && special
}
For a more strict validation where the following is required:
At least One Upper Case Character
At least one Lower Case character
At least one digit
At least one symbol/special character #$!%*#?&^_-
Minimum 8 characters/digits
Regex:
/(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[#$!%*#?&^_-]).{8,}/
I hope it helps someone with a more stringent.
What about considering the following regex solution:
^(?=.*[\w])(?=.*[\W])[\w\W]{8,}$
Which validates the following:
At least one lowercase
At least one uppercase
At least one digit
At least one special character
At least it should have 8 characters long.
Check it out working at the following link https://regex101.com/r/qPmC06/4/
^(?=.*[A-Z])(?=.*[a-z])(?=.*[0-9])(?=.*[!##$%^&*()_+,.\\\/;':"-]).{8,}$
Another option is to make use of contrast in the lookahead assertions using a negated character class, optionally matching any character except that is listed before matching the character that should be matched.
^(?=[^A-Z\n]*[A-Z])(?=[^a-z\n]*[a-z])(?=[^0-9\n]*[0-9])(?=[^#?!#$%^&*\n-]*[#?!#$%^&*-]).{8,}$
See a regex demo
In parts, the pattern matches:
^ Start of string
(?=[^A-Z\n]*[A-Z]) Positive lookahead, assert 0+ times any char except A-Z or a newline. Then match a char A-Z
(?=[^a-z\n]*[a-z]) The same approach for a char a-z
(?=[^0-9\n]*[0-9]) The same approach for a digit 0-9
(?=[^#?!#$%^&*\n-]*[#?!#$%^&*-]) The same approach for a char that you would consider special
.{8,} Match 8 or more times any character except a newline
$ End of string
Notes
A dot can also match a space. If you do not want to allow matching a space, then .{8,} can be changed to \S{8,} to match 8 or more non whitespace characters
Using either . or \S can match more characters than are specified in the lookahead assertions. If you only want to match the characters that are used in the assertions, you can change .{8,} to match only the allowed characters [#?!#$%^&*A-Za-z0-9-]{8,} using a character class
const regex = /^(?=[^A-Z\n]*[A-Z])(?=[^a-z\n]*[a-z])(?=[^0-9\n]*[0-9])(?=[^#?!#$%^&*\n-]*[#?!#$%^&*-]).{8,}$/;
[
"abcA1#!A",
"#!asdfSFD1;",
"# a f F1 ;",
"1111111111",
"aaaaaaaa",
"11111111",
"AAAAAAAA",
"########",
"aA1#"
].forEach(s =>
console.log(regex.test(s) ? `Match --> ${s}` : `No match --> ${s}`)
);
/^(?=.*[A-Z])(?=.*[a-z])(?=.*[0-9]).*$/
this the simple way to use it while validate atleast 1 uppercase 1 lowercase and 1 number
and this is the example while I use in express validation
check('password')
.notEmpty()
.withMessage('Password cannot be null')
.bail()
.isLength({ min: 6 })
.withMessage('Password must be at least 6 characters')
.bail()
.matches(/^(?=.*[A-Z])(?=.*[a-z])(?=.*[0-9]).*$/)
.withMessage(
'Must have atleast 1 uppercase, 1 lowercase letter and 1 number'
),
Testing this one in 2020:
^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[#$!%*?&])[A-Za-z\d#$!%*?&]{8,}$
Verify yourself
const regex = /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[#$!%*?&])[A-Za-z\d#$!%*?&]{8,}$/;
const str = `some12*Nuts`;
let m;
if ((m = regex.exec(str)) !== null) {
// The result can be accessed through the `m`-variable.
m.forEach((match, groupIndex) => {
console.log(`Found match, group ${groupIndex}: ${match}`);
});
}
#ClasG has already suggested:
^(?=\S*[a-z])(?=\S*[A-Z])(?=\S*\d)(?=\S*[^\w\s])\S{8,}$
but it does not accept _(underscore) as a special character (eg. Aa12345_).
An improved one is:
^(?=\S*[a-z])(?=\S*[A-Z])(?=\S*\d)(?=\S*([^\w\s]|[_]))\S{8,}$
I've found many problems here, so I made my own.
Here it is in all it's glory, with tests:
^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*([^a-zA-Z\d\s])).{9,}$
https://regex101.com/r/DCRR65/4/tests
Things to look out for:
doesn't use \w because that includes _, which I'm testing for.
I've had lots of troubles matching symbols, without matching the end of the line.
Doesn't specify symbols specifically, this is also because different locales may have different symbols on their keyboards that they may want to use.
Demo:
function password_check() {
pass = document.getElementById("password").value;
console.log(pass);
regex = /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[#$!%*?&])[A-Za-z\d#$!%*?&]{8,}$/;
if (regex.exec(pass) == null) {
alert('invalid password!')
}
else {
console.log("valid");
}
}
<input type="text" id="password" value="Sample#1">
<input type="button" id="submit" onclick="password_check()" value="submit">
var strongRegex = new RegExp("^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!##\$%\^&\*])(?=.{8,})");
var mediumRegex = new RegExp("^(((?=.*[a-z])(?=.*[A-Z]))|((?=.*[a-z])(?=.*[0-9]))|((?=.*[A-Z])(?=.*[0-9])))(?=.{6,})");
Best For javascript
Keep it simple stupid:
This should do the trick for you, always.
Regex: ^(.{0,7}|[^a-z]{1,}|[^A-Z]{1,}|[^\d]{1,}|[^\W]{1,})$|[\s]
If your password matches the regex above, it is invalid.
If there's no match, your password is valid and contains has at least 8 characters, one upper case letter, one lower case letter and one symbol or special character. And it also contains no spaces, tabs or line breaks.
Breakdown of Regex
.{0,7} - matches if password has between 0 to 7 characters.
[^a-z]{1,} - matches if no lower case is found
[^A-Z]{1,} - matches if no upper case is found
[^\d]{1,} - matches if no number (between [0-9]) is found
[\s] - matches if a white space, tab or line break is found.
With this approach there's no limit or restriction in terms of symbols allowed. If you want to limit to few symbols allowable, just change [^\W] with [^YourSymbols].
(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*[##$%^&+-]).{6}
According to your need this pattern should work just fine. Try this,
^(?=(.*\d){1})(.*\S)(?=.*[a-zA-Z\S])[0-9a-zA-Z\S]{8,}
Just create a string variable, assign the pattern, and create a boolean method which returns true if the pattern is correct, else false.
Sample:
String pattern = "^(?=(.*\d){1})(.*\S)(?=.*[a-zA-Z\S])[0-9a-zA-Z\S]{8,}";
String password_string = "Type the password here"
private boolean isValidPassword(String password_string) {
return password_string.matches(Constants.passwordPattern);
}
Use the following Regex to satisfy the below conditions:
Conditions: 1] Min 1 special character.
2] Min 1 number.
3] Min 8 characters or More
Regex: ^(?=.*\d)(?=.*[#$#!%&*?])[A-Za-z\d#$#!%&*?]{8,}$
Can Test Online: https://regex101.com
Just we can do this by using HTML5.
Use below code in pattern attribute,
pattern="(?=^.{8,}$)((?=.*\d)(?=.*\W+))(?![.\n])(?=.*[A-Z])(?=.*[a-z]).*$"
It will work perfectly.
You can use the below regular expression pattern to check the password whether it matches your expectations or not.
((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[~!##$%^&*()]).{8,20})

Further modifying regular expression for password

How would you modify this regex to only allow letters and numbers?
I thought by putting that it must have at least 2 uppercase letters, lowercase letters and digits, that it would limit the expression to just those types of characters. But it allows unwanted characters like tildes and such.
/^[\s]*((?=([^\s]*\d){2,})(?=([^\s]*[a-z]){2,})(?=([^\s]*[A-Z]){2,})[^\s]{8,16})[\s]*$/
I don't see a way for a single regex to count the uppercase letter amid the other lowercase letters and digits. As they say, regular expressions can't count.
So, I think your solution will entail a regex to determine that the appropriate kinds of letters are present and then in a separate step you can count the upper-case characters afterwards:
/[A-Za-z0-9]{8,16}/
For the subsequent steps (validating that the string has at least two uppercase characters, two lowercase letters, and two digits), try these three regexes:
/[A-Z].*[A-Z]/
/[0-9].*[0-9]/
/[a-z].*[a-z]/
Any string that matches all four regexes will be one that meets your password criteria.
That being said, it may be easier to make a function without regexes and just do simple character counts in a loop.
FWIW, a good tool for exploring alternate ways of building a regex is to visit http://txt2re.com
Here's a way to do it using a few needles. fiddle
alert( verify('AbcdeFghij123') );
alert( verify('Abcdeghij123') ); // Only 1 capital
alert( verify('AbcdeFghij') ); // No numbers
alert( verify('ABCDEF123') ); // No lowercase
alert( verify('Abc~~ghij123') ); // Tilde
alert( verify('') ); // Blank
function verify(pass) {
return /^[A-Za-z0-9]+$/.test(pass)
&& /[A-Z][^A-Z]*[A-Z]/.test(pass)
&& /[a-z][^a-z]*[a-z]/.test(pass)
&& /[0-9][^0-9]*[0-9]/.test(pass);
}
If you want to limit the size to being between X and Y replace /^[A-Za-z0-9]+$/ with /^[A-Za-z0-9]{X,Y}$/. Pretty simple, eh?
Here is a tested function that will validate a password with your requirements:
/* Validate a password string that has:
* From 8 to 16 letters and digits.
* Optional leading and trailing whitespace.
* At least 2 uppercase letters.
* At least 2 lowercase letters.
* At least 2 decimal digits.
Here is the regex in (PHP) free-spacing mode with comments:
$re = '/# Validate password has 2 upper, 2 lower and 2 digits.
^ # Anchor to start of string.
(?=(?:[^A-Z]*[A-Z]){2}) # Assert 2 uppercase letters.
(?=(?:[^a-z]*[a-z]){2}) # Assert 2 lowercase letters.
(?=(?:[^0-9]*[0-9]){2}) # Assert 2 decimal digits.
\s* # Allow leading whitespace.
([A-Za-z0-9]{8,16}) # $1: Password 8-16 of [A-Za-z0-9]
\s* # Allow trailing whitespace.
$ # Anchor to end of string.
/x';
If valid password, return password trimmed of leading and trailing whitespace.
If invalid password, return empty string.
*/
function validatePassword(text) {
var re = /^(?=(?:[^A-Z]*[A-Z]){2})(?=(?:[^a-z]*[a-z]){2})(?=(?:[^0-9]*[0-9]){2})\s*([A-Za-z0-9]{8,16})\s*$/;
var m = text.match(re);
if (m) return m[1]; // If valid, return trimmed password
return ''; // If not valid, return empty string
}

Password REGEX with min 6 chars, at least one letter and one number and may contain special characters

I need a regular expression with condition:
min 6 characters, max 50 characters
must contain 1 letter
must contain 1 number
may contain special characters like !##$%^&*()_+
Currently I have pattern: (?!^[0-9]*$)(?!^[a-zA-Z]*$)^([a-zA-Z0-9]{6,50})$
However it doesn't allow special characters, does anybody have a good regex for that?
Thanks
Perhaps a single regex could be used, but that makes it hard to give the user feedback for which rule they aren't following. A more traditional approach like this gives you feedback that you can use in the UI to tell the user what pwd rule is not being met:
function checkPwd(str) {
if (str.length < 6) {
return("too_short");
} else if (str.length > 50) {
return("too_long");
} else if (str.search(/\d/) == -1) {
return("no_num");
} else if (str.search(/[a-zA-Z]/) == -1) {
return("no_letter");
} else if (str.search(/[^a-zA-Z0-9\!\#\#\$\%\^\&\*\(\)\_\+]/) != -1) {
return("bad_char");
}
return("ok");
}
following jfriend00 answer i wrote this fiddle to test his solution with some little changes to make it more visual:
http://jsfiddle.net/9RB49/1/
and this is the code:
checkPwd = function() {
var str = document.getElementById('pass').value;
if (str.length < 6) {
alert("too_short");
return("too_short");
} else if (str.length > 50) {
alert("too_long");
return("too_long");
} else if (str.search(/\d/) == -1) {
alert("no_num");
return("no_num");
} else if (str.search(/[a-zA-Z]/) == -1) {
alert("no_letter");
return("no_letter");
} else if (str.search(/[^a-zA-Z0-9\!\#\#\$\%\^\&\*\(\)\_\+\.\,\;\:]/) != -1) {
alert("bad_char");
return("bad_char");
}
alert("oukey!!");
return("ok");
}
btw, its working like a charm! ;)
best regards and thanks to jfriend00 of course!
Check a password between 7 to 16 characters which contain only characters, numeric digits, underscore and first character must be a letter-
/^[A-Za-z]\w{7,14}$/
Check a password between 6 to 20 characters which contain at least one numeric digit, one uppercase, and one lowercase letter
/^(?=.\d)(?=.[a-z])(?=.*[A-Z]).{6,20}$/
Check a password between 7 to 15 characters which contain at least one numeric digit and a special character
/^(?=.[0-9])(?=.[!##$%^&])[a-zA-Z0-9!##$%^&]{7,15}$/
Check a password between 8 to 15 characters which contain at least one lowercase letter, one uppercase letter, one numeric digit, and one special character
/^(?=.\d)(?=.[a-z])(?=.[A-Z])(?=.[^a-zA-Z0-9])(?!.*\s).{8,15}$/
I hope this will help someone. For more please check this article and this site regexr.com
A more elegant and self-contained regex to match these (common) password requirements is:
^(?=.*[A-Za-z])(?=.*\\d)[A-Za-z\\d^a-zA-Z0-9].{5,50}$
The elegant touch here is that you don't have to hard-code symbols such as $ # # etc.
To accept all the symbols, you are simply saying: "accept also all the not alphanumeric characters and not numbers".
Min and Max number of characters requirement
The final part of the regex {5,50} is the min and max number of characters, if the password is less than 6 or more than 50 characters entered the regex returns a non match.
I have a regex, but it's a bit tricky.
^(?:(?<Numbers>[0-9]{1})|(?<Alpha>[a-zA-Z]{1})|(?<Special>[^a-zA-Z0-9]{1})){6,50}$
Let me explain it and how to check if the tested password is correct:
There are three named groups in the regex.
1) "Numbers": will match a single number in the string.
2) "Alpha": will match a single character from "a" to "z" or "A" to "Z"
3) "Special": will match a single character not being "Alpha" or "Numbers"
Those three named groups are grouped in an alternative group, and {6,50} advises regex machine to capture at least 6 of those groups mentiond above, but not more than 50.
To ensure a correct password is entered you have to check if there is a match, and after that, if the matched groups are capture as much as you desired. I'm a C# developer and don't know, how it works in javascript, but in C# you would have to check:
match.Groups["Numbers"].Captures.Count > 1
Hopefully it works the same in javascript! Good luck!
I use this
export const validatePassword = password => {
const re = /^(?=.*[A-Za-z])(?=.*\d)[a-zA-Z0-9!##$%^&*()~¥=_+}{":;'?/>.<,`\-\|\[\]]{6,50}$/
return re.test(password)
}
DEMO https://jsfiddle.net/ssuryar/bjuhkt09/
Onkeypress the function triggerred.
HTML
<form>
<input type="text" name="testpwd" id="testpwd" class="form=control" onkeyup="checksPassword(this.value)"/>
<input type="submit" value="Submit" /><br />
<span class="error_message spassword_error" style="display: none;">Enter minimum 8 chars with atleast 1 number, lower, upper & special(##$%&!-_&) char.</span>
</form>
Script
function checksPassword(password){
var pattern = /^.*(?=.{8,20})(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[##$%&!-_]).*$/;
if(!pattern.test(password)) {
$(".spassword_error").show();
}else
{
$(".spassword_error").hide();
}
}
International UTF-8
None of the solutions here allow international letters, i.e. éÉöÖæÆóÓúÚáÁ, but are mainly focused on the english alphabet.
The following regEx uses unicode, UTF-8, to recognise upper and lower case and thus, allow international characters:
// Match uppercase, lowercase, digit or #$!%*?& and make sure the length is 6 to 50 in length
const pwdFilter = /^(?=.*\p{Ll})(?=.*\p{Lu})(?=.*[\d|##$!%*?&])[\p{L}\d##$!%*?&]{6,50}$/gmu
if (!pwdFilter.test(pwd)) {
// Show error that password has to be adjusted to match criteria
}
This regEx
/^(?=.*\p{Ll})(?=.*\p{Lu})(?=.*[\d|##$!%*?&])[\p{L}\d##$!%*?&]{6,50}$/gmu
checks if an uppercase, lowercase, digit or #$!%*?& are used in the password. It also limits the length to be 6 minimum and maximum 50 (note that the length of 😀🇺🇸🇪🇸🧑‍💻 emojis counts as more than one character in the length).
The u in the end, tells it to use UTF-8.
First, we should make the assumption that passwords are always hashed (right? always hashed, right?). That means we should not specify the exact characters allowed (as per the 4th bullet). Rather, any characters should be accepted, and then validate on minimum length and complexity (must contain a letter and a number, for example). And since it will definitely be hashed, we have no concerns over a max length, and should be able to eliminate that as a requirement.
I agree that often this won't be done as a single regex but rather a series of small regex to validate against because we may want to indicate to the user what they need to update, rather than just rejecting outright as an invalid password. Here's some options:
As discussed above - 1 number, 1 letter (upper or lower case) and min 8 char. Added a second option that disallows leading/trailing spaces (avoid potential issues with pasting with extra white space, for example).
^(?=.*\d)(?=.*[a-zA-Z]).{8,}$
^(?=.*\d)(?=.*[a-zA-Z])\S.{6,}\S$
Lastly, if you want to require 1 number and both 1 uppercase and 1 lowercase letter, something like this would work (with or without allowing leading/trailing spaces)
^(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,}$
^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])\S.{6,}\S$
Lastly as requested in the original post (again, don't do this, please try and push back on the requirements!!) - 1 number, 1 letter (upper or lower case), 1 special char (in list) and min 8 char, max 50 char. Both with/without allowing leading/trailing spaces, note the min/max change to account for the 2 non-whitespace characters specified.
^(?=.*\d)(?=.*[a-zA-Z])(?=.*[!##$%^&*()_+]).{8,50}$
^(?=.*\d)(?=.*[a-zA-Z])(?=.*[!##$%^&*()_+])\S.{6,48}\S$
Bonus - separated out is pretty simple, just test against each of the following and show the appropriate error in turn:
/^.{8,}$/ // at least 8 char; ( /^.{8,50}$/ if you must add a max)
/[A-Za-z]/ // one letter
/[A-Z]/ // (optional) - one uppercase letter
/[a-z]/ // (optional) - one lowercase letter
/\d/ // one number
/^\S+.*\S+$/ // (optional) first and last character are non-whitespace)
Note, in these regexes, the char set for a letter is the standard English 26 character alphabet without any accented characters. But my hope is this has enough variations so folks can adapt from here as needed.
// more secure regex password must be :
// more than 8 chars
// at least one number
// at least one special character
const PASSWORD_REGEX_3 = /^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!##$%^&*]).{8,}$/;

validating variable in javascript

Hi i have a field in php that will be validated in javascript using i.e for emails
var emailRegex = /^[\w-\.]+#([\w-]+\.)+[\w-]{2,4}$/;
What i'm after is a validation check which will look for the
first letter as a capital Q
then the next letters can be numbers only
then followed by a .
then two numbers only
and then an optional letter
i.e Q100.11 or Q100.11a
I must admit i look at the above email validation check and i have no clue how it works but it does ;)
many thanks for any help on this
Steve
The ^ marks the beginning of the string, $ matches the end of the string. In other words, the whole string should exactly match this regular expression.
[\w-\.]+: I think you wanted to match letters, digits, dots and - only. In that case, the - should be escaped (\-): [\w\-\.]+. The plus-sign makes is match one or more times.
#: a literal # match
([\w-]+\.)+ letters, digits and - are allowed one or more times, with a dot after it (between the parentheses). This may occur several times (at least once).
[\w-]{2,4}: this should match the TLD, like com, net or org. Because a TLD can only contain letters, it should be replaced by [a-z]{2,4}. This means: lowercase letters may occur two till four times. Note that the TLD can be longer than 4 characters.
An regular expression which should follow the next rules:
a capital Q (Q)
followed by one or more occurrences of digits (\d+)
a literal dot (.)
two digits (\d{2})
one optional letter ([a-z]?)
Result:
var regex = /Q\d+\.\d{2}[a-z]?/;
If you need to match strings case-insensitive, add the i (case-insensitive) modifier:
var regex = /Q\d+\.\d{2}[a-z]?/i;
Validating a string using a regexp can be done in several ways, one of them:
if (regex.test(str)) {
// success
} else {
// no match
}
var emailRegex = /^Q\d+\.\d{2}[a-zA-Z]?#([\w-]+\.)+[a-zA-Z]+$/;
var str = "Q100.11#test.com";
alert(emailRegex.test(str));
var regex = /^Q[0-9]+\.[0-9]{2}[a-z]?$/;
+ means one or more
the period must be escaped - \.
[0-9]{2} means 2 digits, same as \d{2}
[a-z]? means 0 or 1 letter
You can check your regex at http://regexpal.com/

Categories