NewPasswordRegularExpression bug in ChangePassword control

Discussion in 'ASP .Net' started by Dmitry Duginov, Feb 8, 2008.

  1. Hi,

    I am trying to enforce the following password strength rules:

    8 characters minimum
    including at least 2 digits
    and at least one non-alphanumeric character

    Web.config fragment:

    <membership defaultProvider="XYZMembershipProvider">
    <providers>
    <add name="XYZMembershipProvider"
    connectionStringName="XYZMembershipConnection"
    applicationName="XYZ"
    passwordStrengthRegularExpression="(?=.{8,})(?=(.*\d){2,})(?=(.*\W){1,})"
    enablePasswordReset="false"
    requiresUniqueEmail="true"
    passwordFormat="Hashed"
    type="System.Web.Security.SqlMembershipProvider"/>
    </providers>
    </membership>

    On provider level it works fine, but when I'm trying to place the same Regex
    (?=.{8,})(?=(.*\d){2,})(?=(.*\W){1,})
    into NewPasswordRegularExpression property of ChangePassword control,
    client-side validation fails for valid passwords that pass server-side
    validation when NewPasswordRegularExpression is not filled.

    Control markup is below. It looks like javascript-based regex parsing does
    not work the same way as its client side peer. Any suggestions?

    <asp:ChangePassword ID="ChangePassword1" runat="server"
    NewPasswordRegularExpressionErrorMessage="New password must have at
    least 8 characters, including two numbers and one special character"
    PasswordHintText="Please enter a password at least 8 characters
    long, containing two numbers and one special character"
    NewPasswordRegularExpression="(?=.{8,})(?=(.*\d){2,})(?=(.*\w){1,})">
    </asp:ChangePassword>

    Regards,
    Dmitry
    Dmitry Duginov, Feb 8, 2008
    #1
    1. Advertising

  2. On Feb 8, 8:01 pm, "Dmitry Duginov" <> wrote:
    > Hi,
    >
    > I am trying to enforce the following password strength rules:
    >
    > 8 characters minimum
    > including at least 2 digits
    > and at least one non-alphanumeric character
    >
    > Web.config fragment:
    >
    >   <membership defaultProvider="XYZMembershipProvider">
    >    <providers>
    >         <add name="XYZMembershipProvider"
    >         connectionStringName="XYZMembershipConnection"
    >         applicationName="XYZ"
    >         passwordStrengthRegularExpression="(?=.{8,})(?=(.*\d){2,})(?=(.*\W){1,})"
    >         enablePasswordReset="false"
    >         requiresUniqueEmail="true"
    >         passwordFormat="Hashed"
    >         type="System.Web.Security.SqlMembershipProvider"/>
    >    </providers>
    >   </membership>
    >
    > On provider level it works fine, but when I'm trying to place the same Regex
    > (?=.{8,})(?=(.*\d){2,})(?=(.*\W){1,})
    > into NewPasswordRegularExpression property of ChangePassword control,
    > client-side validation fails for valid passwords that pass server-side
    > validation when NewPasswordRegularExpression is not filled.
    >
    > Control markup is below. It looks like javascript-based regex parsing does
    > not work the same way as its client side peer. Any suggestions?
    >
    >     <asp:ChangePassword ID="ChangePassword1" runat="server"
    >         NewPasswordRegularExpressionErrorMessage="New password must have at
    > least 8 characters, including two numbers and one special character"
    >         PasswordHintText="Please enter a password at least 8 characters
    > long, containing two numbers and one special character"
    >         NewPasswordRegularExpression="(?=.{8,})(?=(.*\d){2,})(?=(.*\w){1,})">
    >     </asp:ChangePassword>
    >
    > Regards,
    > Dmitry


    According to MSDN the pattern should look as follows:

    NewPasswordRegularExpression = '@\"(?=.{8,})(?=(.*\d){2,})(?=(.*\W)
    {1,})'

    http://msdn2.microsoft.com/en-us/li...ngepassword.newpasswordregularexpression.aspx

    Hope this helps
    Alexey Smirnov, Feb 10, 2008
    #2
    1. Advertising

  3. "Alexey Smirnov" <> wrote in message
    news:...
    On Feb 8, 8:01 pm, "Dmitry Duginov" <> wrote:
    > Hi,
    >
    > I am trying to enforce the following password strength rules:
    >
    > 8 characters minimum
    > including at least 2 digits
    > and at least one non-alphanumeric character
    >
    > Web.config fragment:
    >
    > <membership defaultProvider="XYZMembershipProvider">
    > <providers>
    > <add name="XYZMembershipProvider"
    > connectionStringName="XYZMembershipConnection"
    > applicationName="XYZ"
    > passwordStrengthRegularExpression="(?=.{8,})(?=(.*\d){2,})(?=(.*\W){1,})"
    > enablePasswordReset="false"
    > requiresUniqueEmail="true"
    > passwordFormat="Hashed"
    > type="System.Web.Security.SqlMembershipProvider"/>
    > </providers>
    > </membership>
    >
    > On provider level it works fine, but when I'm trying to place the same
    > Regex
    > (?=.{8,})(?=(.*\d){2,})(?=(.*\W){1,})
    > into NewPasswordRegularExpression property of ChangePassword control,
    > client-side validation fails for valid passwords that pass server-side
    > validation when NewPasswordRegularExpression is not filled.
    >
    > Control markup is below. It looks like javascript-based regex parsing does
    > not work the same way as its client side peer. Any suggestions?
    >
    > <asp:ChangePassword ID="ChangePassword1" runat="server"
    > NewPasswordRegularExpressionErrorMessage="New password must have at
    > least 8 characters, including two numbers and one special character"
    > PasswordHintText="Please enter a password at least 8 characters
    > long, containing two numbers and one special character"
    > NewPasswordRegularExpression="(?=.{8,})(?=(.*\d){2,})(?=(.*\w){1,})">
    > </asp:ChangePassword>


    >According to MSDN the pattern should look as follows:


    >NewPasswordRegularExpression = '@\"(?=.{8,})(?=(.*\d){2,})(?=(.*\W)
    >{1,})'


    >http://msdn2.microsoft.com/en->us/library/system.web.ui.webcontrols.changepassword.newpasswordregularexpression.aspx


    >Hope this helps


    Of course it it doesn't. I gave it a try. No difference. If you look
    carefully, this regex additionally forces any password to begin with
    quotation mark, nothing else. But the validation fails anyway, even if I
    specify "password!99.

    Let's hear what Microsoft folks think about this...

    D.
    Dmitry Duginov, Feb 11, 2008
    #3
  4. Hi Dmitry,

    As for the CreateUserWizard and its password regex expression, I've
    performed some search and it seems there hasn't recorded an existing issue.
    For the behavior you mentioned, would you also paste me a test regex
    expression and some password patterns? I'd do some tests on my local side
    to confirm the behavior.

    Sincerely,

    Steven Cheng

    Microsoft MSDN Online Support Lead


    This posting is provided "AS IS" with no warranties, and confers no rights.

    --------------------
    >From: "Dmitry Duginov" <>
    >References: <>

    <>
    >Subject: Re: NewPasswordRegularExpression bug in ChangePassword control
    >Date: Mon, 11 Feb 2008 13:27:28 -0500


    >
    >
    >"Alexey Smirnov" <> wrote in message
    >news:...
    >On Feb 8, 8:01 pm, "Dmitry Duginov" <> wrote:
    >> Hi,
    >>
    >> I am trying to enforce the following password strength rules:
    >>
    >> 8 characters minimum
    >> including at least 2 digits
    >> and at least one non-alphanumeric character
    >>
    >> Web.config fragment:
    >>
    >> <membership defaultProvider="XYZMembershipProvider">
    >> <providers>
    >> <add name="XYZMembershipProvider"
    >> connectionStringName="XYZMembershipConnection"
    >> applicationName="XYZ"
    >> passwordStrengthRegularExpression="(?=.{8,})(?=(.*\d){2,})(?=(.*\W){1,})"
    >> enablePasswordReset="false"
    >> requiresUniqueEmail="true"
    >> passwordFormat="Hashed"
    >> type="System.Web.Security.SqlMembershipProvider"/>
    >> </providers>
    >> </membership>
    >>
    >> On provider level it works fine, but when I'm trying to place the same
    >> Regex
    >> (?=.{8,})(?=(.*\d){2,})(?=(.*\W){1,})
    >> into NewPasswordRegularExpression property of ChangePassword control,
    >> client-side validation fails for valid passwords that pass server-side
    >> validation when NewPasswordRegularExpression is not filled.
    >>
    >> Control markup is below. It looks like javascript-based regex parsing

    does
    >> not work the same way as its client side peer. Any suggestions?
    >>
    >> <asp:ChangePassword ID="ChangePassword1" runat="server"
    >> NewPasswordRegularExpressionErrorMessage="New password must have at
    >> least 8 characters, including two numbers and one special character"
    >> PasswordHintText="Please enter a password at least 8 characters
    >> long, containing two numbers and one special character"
    >> NewPasswordRegularExpression="(?=.{8,})(?=(.*\d){2,})(?=(.*\w){1,})">
    >> </asp:ChangePassword>

    >
    >>According to MSDN the pattern should look as follows:

    >
    >>NewPasswordRegularExpression = '@\"(?=.{8,})(?=(.*\d){2,})(?=(.*\W)
    >>{1,})'

    >
    >>http://msdn2.microsoft.com/en->us/library/system.web.ui.webcontrols.change

    password.newpasswordregularexpression.aspx
    >
    >>Hope this helps

    >
    >Of course it it doesn't. I gave it a try. No difference. If you look
    >carefully, this regex additionally forces any password to begin with
    >quotation mark, nothing else. But the validation fails anyway, even if I
    >specify "password!99.
    >
    >Let's hear what Microsoft folks think about this...
    >
    >D.
    >
    >
    >
    >
    Steven Cheng[MSFT], Feb 13, 2008
    #4
  5. "Steven Cheng[MSFT]" <> wrote in message
    news:...
    > Hi Dmitry,
    >
    > As for the CreateUserWizard and its password regex expression, I've
    > performed some search and it seems there hasn't recorded an existing
    > issue.
    > For the behavior you mentioned, would you also paste me a test regex
    > expression and some password patterns? I'd do some tests on my local side
    > to confirm the behavior.


    Steven, the complete information to reproduce the bug has been included into
    original message below. But of course I can copy and paste it, no problem.

    <asp:ChangePassword ID="ChangePassword1" runat="server"
    NewPasswordRegularExpressionErrorMessage="New password must have at least 8
    characters, including two numbers and one special character"
    PasswordHintText="Please enter a password at least 8 characters long,
    containing two numbers and one special character"
    NewPasswordRegularExpression="(?=.{8,})(?=(.*\d){2,})(?=(.*\w){1,})">
    </asp:ChangePassword>

    Example of the password: password!99

    D.

    >>From: "Dmitry Duginov" <>
    >>References: <>

    > <>
    >>Subject: Re: NewPasswordRegularExpression bug in ChangePassword control
    >>Date: Mon, 11 Feb 2008 13:27:28 -0500

    >
    >>
    >>
    >>"Alexey Smirnov" <> wrote in message
    >>news:...
    >>On Feb 8, 8:01 pm, "Dmitry Duginov" <> wrote:
    >>> Hi,
    >>>
    >>> I am trying to enforce the following password strength rules:
    >>>
    >>> 8 characters minimum
    >>> including at least 2 digits
    >>> and at least one non-alphanumeric character
    >>>
    >>> Web.config fragment:
    >>>
    >>> <membership defaultProvider="XYZMembershipProvider">
    >>> <providers>
    >>> <add name="XYZMembershipProvider"
    >>> connectionStringName="XYZMembershipConnection"
    >>> applicationName="XYZ"
    >>> passwordStrengthRegularExpression="(?=.{8,})(?=(.*\d){2,})(?=(.*\W){1,})"
    >>> enablePasswordReset="false"
    >>> requiresUniqueEmail="true"
    >>> passwordFormat="Hashed"
    >>> type="System.Web.Security.SqlMembershipProvider"/>
    >>> </providers>
    >>> </membership>
    >>>
    >>> On provider level it works fine, but when I'm trying to place the same
    >>> Regex
    >>> (?=.{8,})(?=(.*\d){2,})(?=(.*\W){1,})
    >>> into NewPasswordRegularExpression property of ChangePassword control,
    >>> client-side validation fails for valid passwords that pass server-side
    >>> validation when NewPasswordRegularExpression is not filled.
    >>>
    >>> Control markup is below. It looks like javascript-based regex parsing

    > does
    >>> not work the same way as its client side peer. Any suggestions?
    >>>
    >>> <asp:ChangePassword ID="ChangePassword1" runat="server"
    >>> NewPasswordRegularExpressionErrorMessage="New password must have at
    >>> least 8 characters, including two numbers and one special character"
    >>> PasswordHintText="Please enter a password at least 8 characters
    >>> long, containing two numbers and one special character"
    >>> NewPasswordRegularExpression="(?=.{8,})(?=(.*\d){2,})(?=(.*\w){1,})">
    >>> </asp:ChangePassword>

    >>
    >>>According to MSDN the pattern should look as follows:

    >>
    >>>NewPasswordRegularExpression = '@\"(?=.{8,})(?=(.*\d){2,})(?=(.*\W)
    >>>{1,})'

    >>
    >>>http://msdn2.microsoft.com/en->us/library/system.web.ui.webcontrols.change

    > password.newpasswordregularexpression.aspx
    >>
    >>>Hope this helps

    >>
    >>Of course it it doesn't. I gave it a try. No difference. If you look
    >>carefully, this regex additionally forces any password to begin with
    >>quotation mark, nothing else. But the validation fails anyway, even if I
    >>specify "password!99.
    >>
    >>Let's hear what Microsoft folks think about this...
    >>
    >>D.
    >>
    >>
    >>
    >>

    >
    Dmitry Duginov, Feb 14, 2008
    #5
  6. "Steven Cheng[MSFT]" <> wrote in message
    news:...

    MSDN states that:

    Client-Side Validation for ASP.NET Server ControlsThere are a few minor
    differences associated with client-side validation: ... Client-side regular
    expressions differ in small details from the regular ...


    But the specific differences between client-side and server side Regex
    implementation in ASP.NET is nowhere to be found. Now I recall I used to
    have similar problem back in 2003 - the same Regex worked differently on
    client and server side. And Microsoft reps told "maybe it will be fixed in
    the next version". It's been five years since then...

    Could you find out what are those "small, minor differences"?

    D.
    Dmitry Duginov, Feb 14, 2008
    #6
  7. Hello Dmitry,

    > "Steven Cheng[MSFT]" <> wrote in message
    > news:...
    >
    > MSDN states that:
    >
    > Client-Side Validation for ASP.NET Server ControlsThere are a few
    > minor differences associated with client-side validation: ...
    > Client-side regular expressions differ in small details from the
    > regular ...
    >
    > But the specific differences between client-side and server side Regex
    > implementation in ASP.NET is nowhere to be found. Now I recall I used
    > to have similar problem back in 2003 - the same Regex worked
    > differently on client and server side. And Microsoft reps told "maybe
    > it will be fixed in the next version". It's been five years since
    > then...
    >
    > Could you find out what are those "small, minor differences"?


    Clientside uses the VBScript/JavaScript/ECMAScript implementation of Regex
    (same as the Windows Scripting Host).

    Serverside uses the .NET implementation of regex (with the ECMAScript compliace
    turned on if I'm not mistaking).

    For both of these is a separate set of documentation available and I do not
    expect these differences to be removed ever/at all, as there are too many
    3rd party browsers that have built in support for the same VBScript/JavaScript/ECMAScript
    implementation for such a change to work without serious cooperation between
    all browser vendors.

    I find the following website a handy reference to look up such changes/differences:
    http://www.regular-expressions.info/tools.html


    --
    Jesse Houwing
    jesse.houwing at sogeti.nl
    Jesse Houwing, Feb 14, 2008
    #7
  8. Dmitry Duginov

    Steven Cheng Guest

    Hi Dmitry,

    As Jesse has mentioned, the difference is something like the script
    component's string regex support and .NET's regex support. The site
    provided in his message provide some information on regex support of
    different tools/platform.

    Sincerely,

    Steven Cheng

    Microsoft MSDN Online Support Lead


    This posting is provided "AS IS" with no warranties, and confers no rights.

    --------------------
    >From: "Dmitry Duginov" <>
    >Subject: Re: NewPasswordRegularExpression bug in ChangePassword control
    >Date: Thu, 14 Feb 2008 10:21:28 -0500


    >
    >
    >"Steven Cheng[MSFT]" <> wrote in message
    >news:...
    >
    >MSDN states that:
    >
    >Client-Side Validation for ASP.NET Server ControlsThere are a few minor
    >differences associated with client-side validation: ... Client-side

    regular
    >expressions differ in small details from the regular ...
    >
    >
    >But the specific differences between client-side and server side Regex
    >implementation in ASP.NET is nowhere to be found. Now I recall I used to
    >have similar problem back in 2003 - the same Regex worked differently on
    >client and server side. And Microsoft reps told "maybe it will be fixed in
    >the next version". It's been five years since then...
    >
    >Could you find out what are those "small, minor differences"?
    >
    >D.
    >
    >
    >
    Steven Cheng, Feb 19, 2008
    #8
  9. "Steven Cheng[MSFT]" <> wrote in message
    news:...
    > Hi Dmitry,
    >
    > As for the CreateUserWizard and its password regex expression, I've
    > performed some search and it seems there hasn't recorded an existing
    > issue.
    > For the behavior you mentioned, would you also paste me a test regex
    > expression and some password patterns? I'd do some tests on my local side
    > to confirm the behavior.


    Steven, it's been two weeks.

    Did you get anything related to this issue???

    D.

    >
    > --------------------
    >>From: "Dmitry Duginov" <>
    >>References: <>

    > <>
    >>Subject: Re: NewPasswordRegularExpression bug in ChangePassword control
    >>Date: Mon, 11 Feb 2008 13:27:28 -0500

    >
    >>
    >>
    >>"Alexey Smirnov" <> wrote in message
    >>news:...
    >>On Feb 8, 8:01 pm, "Dmitry Duginov" <> wrote:
    >>> Hi,
    >>>
    >>> I am trying to enforce the following password strength rules:
    >>>
    >>> 8 characters minimum
    >>> including at least 2 digits
    >>> and at least one non-alphanumeric character
    >>>
    >>> Web.config fragment:
    >>>
    >>> <membership defaultProvider="XYZMembershipProvider">
    >>> <providers>
    >>> <add name="XYZMembershipProvider"
    >>> connectionStringName="XYZMembershipConnection"
    >>> applicationName="XYZ"
    >>> passwordStrengthRegularExpression="(?=.{8,})(?=(.*\d){2,})(?=(.*\W){1,})"
    >>> enablePasswordReset="false"
    >>> requiresUniqueEmail="true"
    >>> passwordFormat="Hashed"
    >>> type="System.Web.Security.SqlMembershipProvider"/>
    >>> </providers>
    >>> </membership>
    >>>
    >>> On provider level it works fine, but when I'm trying to place the same
    >>> Regex
    >>> (?=.{8,})(?=(.*\d){2,})(?=(.*\W){1,})
    >>> into NewPasswordRegularExpression property of ChangePassword control,
    >>> client-side validation fails for valid passwords that pass server-side
    >>> validation when NewPasswordRegularExpression is not filled.
    >>>
    >>> Control markup is below. It looks like javascript-based regex parsing

    > does
    >>> not work the same way as its client side peer. Any suggestions?
    >>>
    >>> <asp:ChangePassword ID="ChangePassword1" runat="server"
    >>> NewPasswordRegularExpressionErrorMessage="New password must have at
    >>> least 8 characters, including two numbers and one special character"
    >>> PasswordHintText="Please enter a password at least 8 characters
    >>> long, containing two numbers and one special character"
    >>> NewPasswordRegularExpression="(?=.{8,})(?=(.*\d){2,})(?=(.*\w){1,})">
    >>> </asp:ChangePassword>

    >>
    >>>According to MSDN the pattern should look as follows:

    >>
    >>>NewPasswordRegularExpression = '@\"(?=.{8,})(?=(.*\d){2,})(?=(.*\W)
    >>>{1,})'

    >>
    >>>http://msdn2.microsoft.com/en->us/library/system.web.ui.webcontrols.change

    > password.newpasswordregularexpression.aspx
    >>
    >>>Hope this helps

    >>
    >>Of course it it doesn't. I gave it a try. No difference. If you look
    >>carefully, this regex additionally forces any password to begin with
    >>quotation mark, nothing else. But the validation fails anyway, even if I
    >>specify "password!99.
    >>
    >>Let's hear what Microsoft folks think about this...
    >>
    >>D.
    >>
    >>
    >>
    >>

    >
    Dmitry Duginov, Feb 26, 2008
    #9
  10. Dmitry Duginov

    Steven Cheng Guest

    Hi Dmitry,

    Sorry for keep you waiting. I've done some further research previouly and
    haven't got any useful information so far. I'd like to involve some further
    resource to help you on this issue. Would you send me a mail offline
    through the following address:

    "stcheng"+"@"+"microsoft.com"

    I'll request some further information from you so as to allocate further
    resource to help you.

    Sincerely,

    Steven Cheng

    Microsoft MSDN Online Support Lead


    This posting is provided "AS IS" with no warranties, and confers no rights.

    --------------------
    >From: "Dmitry Duginov" <>
    >References: <>

    <>
    <>
    <>
    >Subject: Re: NewPasswordRegularExpression bug in ChangePassword control
    >Date: Tue, 26 Feb 2008 12:08:10 -0500


    >
    >
    >"Steven Cheng[MSFT]" <> wrote in message
    >news:...
    >> Hi Dmitry,
    >>
    >> As for the CreateUserWizard and its password regex expression, I've
    >> performed some search and it seems there hasn't recorded an existing
    >> issue.
    >> For the behavior you mentioned, would you also paste me a test regex
    >> expression and some password patterns? I'd do some tests on my local side
    >> to confirm the behavior.

    >
    >Steven, it's been two weeks.
    >
    >Did you get anything related to this issue???
    >
    >D.
    >
    >>
    >> --------------------
    >>>From: "Dmitry Duginov" <>
    >>>References: <>

    >> <>
    >>>Subject: Re: NewPasswordRegularExpression bug in ChangePassword control
    >>>Date: Mon, 11 Feb 2008 13:27:28 -0500

    >>
    >>>
    >>>
    >>>"Alexey Smirnov" <> wrote in message
    >>>news:...
    >>>On Feb 8, 8:01 pm, "Dmitry Duginov" <> wrote:
    >>>> Hi,
    >>>>
    >>>> I am trying to enforce the following password strength rules:
    >>>>
    >>>> 8 characters minimum
    >>>> including at least 2 digits
    >>>> and at least one non-alphanumeric character
    >>>>
    >>>> Web.config fragment:
    >>>>
    >>>> <membership defaultProvider="XYZMembershipProvider">
    >>>> <providers>
    >>>> <add name="XYZMembershipProvider"
    >>>> connectionStringName="XYZMembershipConnection"
    >>>> applicationName="XYZ"
    >>>>

    passwordStrengthRegularExpression="(?=.{8,})(?=(.*\d){2,})(?=(.*\W){1,})"
    >>>> enablePasswordReset="false"
    >>>> requiresUniqueEmail="true"
    >>>> passwordFormat="Hashed"
    >>>> type="System.Web.Security.SqlMembershipProvider"/>
    >>>> </providers>
    >>>> </membership>
    >>>>
    >>>> On provider level it works fine, but when I'm trying to place the same
    >>>> Regex
    >>>> (?=.{8,})(?=(.*\d){2,})(?=(.*\W){1,})
    >>>> into NewPasswordRegularExpression property of ChangePassword control,
    >>>> client-side validation fails for valid passwords that pass server-side
    >>>> validation when NewPasswordRegularExpression is not filled.
    >>>>
    >>>> Control markup is below. It looks like javascript-based regex parsing

    >> does
    >>>> not work the same way as its client side peer. Any suggestions?
    >>>>
    >>>> <asp:ChangePassword ID="ChangePassword1" runat="server"
    >>>> NewPasswordRegularExpressionErrorMessage="New password must have at
    >>>> least 8 characters, including two numbers and one special character"
    >>>> PasswordHintText="Please enter a password at least 8 characters
    >>>> long, containing two numbers and one special character"
    >>>> NewPasswordRegularExpression="(?=.{8,})(?=(.*\d){2,})(?=(.*\w){1,})">
    >>>> </asp:ChangePassword>
    >>>
    >>>>According to MSDN the pattern should look as follows:
    >>>
    >>>>NewPasswordRegularExpression = '@\"(?=.{8,})(?=(.*\d){2,})(?=(.*\W)
    >>>>{1,})'
    >>>
    >>>>http://msdn2.microsoft.com/en->us/library/system.web.ui.webcontrols.chan

    ge
    >> password.newpasswordregularexpression.aspx
    >>>
    >>>>Hope this helps
    >>>
    >>>Of course it it doesn't. I gave it a try. No difference. If you look
    >>>carefully, this regex additionally forces any password to begin with
    >>>quotation mark, nothing else. But the validation fails anyway, even if I
    >>>specify "password!99.
    >>>
    >>>Let's hear what Microsoft folks think about this...
    >>>
    >>>D.
    >>>
    >>>
    >>>
    >>>

    >>

    >
    >
    >
    Steven Cheng, Feb 27, 2008
    #10
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Evgeny
    Replies:
    2
    Views:
    2,109
    Evgeny
    Jan 28, 2006
  2. Replies:
    0
    Views:
    586
  3. PJ6
    Replies:
    1
    Views:
    550
    Eliyahu Goldin
    Apr 13, 2008
  4. Ken Fine
    Replies:
    2
    Views:
    1,736
    Allen Chen [MSFT]
    Aug 25, 2008
  5. Bogdan
    Replies:
    0
    Views:
    419
    Bogdan
    Sep 16, 2008
Loading...

Share This Page