Password Regular Expression

Discussion in 'Javascript' started by Stirling, May 15, 2004.

  1. Stirling

    Stirling Guest

    Hi all,
    hope someone can help me,

    I am looking to do a password validation check using client side
    validation. Minimum requirement is that it must contain at least one
    number and one letter. (Ideally it would be of 6-20 characters in
    length but first things first).

    I have came up with the following regEx

    ^(\w*(?=\w+\d+)(?=\w*[a-zA-Z])\w*)$

    This works fine in IE but when testing it using NS6 it won't validate
    '1password', but will validate 'password1'. It seems the first forward
    search is consuming the first character in NS, would this be correct,
    and if so can anybody suggest either a way arround this or a different
    regular expression,

    Thanks in advance,

    SJM.
     
    Stirling, May 15, 2004
    #1
    1. Advertising

  2. Stirling

    Evertjan. Guest

    Stirling wrote on 15 mei 2004 in comp.lang.javascript:

    > I am looking to do a password validation check using client side
    > validation. Minimum requirement is that it must contain at least one
    > number and one letter. (Ideally it would be of 6-20 characters in
    > length but first things first).
    >
    > I have came up with the following regEx
    >
    > ^(\w*(?=\w+\d+)(?=\w*[a-zA-Z])\w*)$
    >
    > This works fine in IE but when testing it using NS6 it won't validate
    > '1password', but will validate 'password1'. It seems the first forward
    > search is consuming the first character in NS, would this be correct,
    > and if so can anybody suggest either a way arround this or a different
    > regular expression,
    >


    function pwTest(w){
    t1 = /^[a-z\d]{6,20}$/i // only and length
    t2 = /[a-z]/i // at least 1 letter
    t3 = /\d/ // at least 1 number

    return t1.test(w) && t2.test(w) && t3.test(w)
    }


    alert(pwTest("1qweqweasd"))


    --
    Evertjan.
    The Netherlands.
    (Please change the x'es to dots in my emailaddress)
     
    Evertjan., May 15, 2004
    #2
    1. Advertising

  3. Stirling

    Ivo Guest

    "Stirling" wrote
    > I am looking to do a password validation check using client side
    > validation. Minimum requirement is that it must contain at least one
    > number and one letter. (Ideally it would be of 6-20 characters in
    > length but first things first).
    > <snip>


    Lookahead regexes are not very widely supported. Look at this:

    var pword='djuhy9dgyg';
    alert( /[a-z]/i.test( pword ) && /\d/.test( pword ) && /.{6,20}/.test(
    pword ) )
    // alerts true or false

    Three little regexes may not be the most efficient way, but would be fast
    enough for me.
    Ivo
     
    Ivo, May 15, 2004
    #3
  4. Stirling <> writes:

    > I am looking to do a password validation check using client side
    > validation. Minimum requirement is that it must contain at least one
    > number and one letter.


    > I have came up with the following regEx
    >
    > ^(\w*(?=\w+\d+)(?=\w*[a-zA-Z])\w*)$


    The matches a sequence of word-characters (a requirement you didn't
    mention?) that contains at least one digit(!) after a word character,
    and at least one letter. The reason you don't match "1password" is
    the first + in (?=\w+\d+).

    A simpler version could be:
    /^(?=\w*\d)(?=\w*[A-Z])\w{6,20}$/i

    Still, you are relying on lookahead, which only exists in newer
    browsers, and which IIRC is broken in IE. In many cases, making
    more than one test is much simpler than trying to encode everything
    into one RegExp.

    function testPasswd(pw) {
    return /[a-z]/i.test(pw) && /\d/.test(pw) && /^\w{6,20}*$/.test(pw);
    }

    > This works fine in IE but when testing it using NS6 it won't validate
    > '1password', but will validate 'password1'.


    That supports my recollection that lookahead in IE is broken, because
    it should not match "1password".

    > It seems the first forward search is consuming the first character
    > in NS, would this be correct,


    Yes, because you asked it to.

    /L
    --
    Lasse Reichstein Nielsen -
    DHTML Death Colors: <URL:http://www.infimum.dk/HTML/rasterTriangleDOM.html>
    'Faith without judgement merely degrades the spirit divine.'
     
    Lasse Reichstein Nielsen, May 15, 2004
    #4
  5. Stirling

    Stirling Guest

    Evertjan. wrote:

    > Stirling wrote on 15 mei 2004 in comp.lang.javascript:
    >
    >
    >>I am looking to do a password validation check using client side
    >>validation. Minimum requirement is that it must contain at least one
    >>number and one letter. (Ideally it would be of 6-20 characters in
    >>length but first things first).
    >>
    >>I have came up with the following regEx
    >>
    >>^(\w*(?=\w+\d+)(?=\w*[a-zA-Z])\w*)$
    >>
    >>This works fine in IE but when testing it using NS6 it won't validate
    >>'1password', but will validate 'password1'. It seems the first forward
    >>search is consuming the first character in NS, would this be correct,
    >>and if so can anybody suggest either a way arround this or a different
    >>regular expression,
    >>

    >
    >
    > function pwTest(w){
    > t1 = /^[a-z\d]{6,20}$/i // only and length
    > t2 = /[a-z]/i // at least 1 letter
    > t3 = /\d/ // at least 1 number
    >
    > return t1.test(w) && t2.test(w) && t3.test(w)
    > }
    >
    >
    > alert(pwTest("1qweqweasd"))
    >
    >

    My problem is that I am using ASP.net validation, so it must consist of
    a singe validation expression. Is there any other way of doing this
    sirt of thing with a single expression without looking forward?

    SJM.
     
    Stirling, May 16, 2004
    #5
  6. Stirling

    Stirling Guest

    Richard Cornford wrote:
    > Evertjan. wrote:
    >
    >>Stirling wrote:

    >
    > <snip>
    >
    >>>My problem is that I am using ASP.net validation, so it must consist
    >>>of a singe validation expression. Is there any other way of doing
    >>>this sirt of thing with a single expression without looking forward?

    >>
    >>This once more convinces me to stick to classical ASP.
    >>
    >>Either you are wrong or ASP-net stinks.

    >
    >
    > It does seem unlikely that ASP-net would impose such an arbitrary
    > restriction, but an expression could be a function call or a function
    > expression (that was called as - (function(){ ... })() -) so even with
    > this restriction there would be no limit on the amount of javascript
    > executed to resolve one expression.
    >
    > Richard.
    >
    >

    What I am using is the Validation controls which are part of the ASP.net
    framework (actullay I'm using a modified version called the
    DOMValidators.) These controls attach to a Textbox, and allow a regular
    expression match against the text box. Yes it is limiting, but it
    reduces the amount of javascript that needs coded quite a lot. So I'm
    stuck with using a single validation string.

    S.
     
    Stirling, May 16, 2004
    #6
  7. Stirling

    Evertjan. Guest

    Stirling wrote on 16 mei 2004 in comp.lang.javascript:
    >> function pwTest(w){
    >> t1 = /^[a-z\d]{6,20}$/i // only and length
    >> t2 = /[a-z]/i // at least 1 letter
    >> t3 = /\d/ // at least 1 number
    >>
    >> return t1.test(w) && t2.test(w) && t3.test(w)
    >> }
    >>
    >>
    >> alert(pwTest("1qweqweasd"))
    >>
    >>

    > My problem is that I am using ASP.net validation, so it must consist of
    > a singe validation expression. Is there any other way of doing this
    > sirt of thing with a single expression without looking forward?


    This once more convinces me to stick to classical ASP.

    Either you are wrong or ASP-net stinks.

    --
    Evertjan.
    The Netherlands.
    (Please change the x'es to dots in my emailaddress)
     
    Evertjan., May 17, 2004
    #7
  8. Evertjan. wrote:
    > Stirling wrote:

    <snip>
    >> My problem is that I am using ASP.net validation, so it must consist
    >> of a singe validation expression. Is there any other way of doing
    >> this sirt of thing with a single expression without looking forward?

    >
    > This once more convinces me to stick to classical ASP.
    >
    > Either you are wrong or ASP-net stinks.


    It does seem unlikely that ASP-net would impose such an arbitrary
    restriction, but an expression could be a function call or a function
    expression (that was called as - (function(){ ... })() -) so even with
    this restriction there would be no limit on the amount of javascript
    executed to resolve one expression.

    Richard.
     
    Richard Cornford, May 18, 2004
    #8
  9. Stirling

    Jim Ley Guest

    On Tue, 18 May 2004 19:06:10 +0100, "Richard Cornford"
    <> wrote:

    >Evertjan. wrote:
    >> Either you are wrong or ASP-net stinks.

    >
    >It does seem unlikely that ASP-net would impose such an arbitrary
    >restriction,


    It's entirely possible ASP.NET webforms stink, no seriously, they
    really stink. They are almost certainly the worst thing ever to come
    out of Microsoft.

    > but an expression could be a function call or a function
    >expression (that was called as - (function(){ ... })() -) so even with
    >this restriction there would be no limit on the amount of javascript
    >executed to resolve one expression.


    True, but stop shining the shite, there's no way it'll be worth it.

    Jim.
    --
    comp.lang.javascript FAQ - http://jibbering.com/faq/
     
    Jim Ley, May 19, 2004
    #9
  10. Jim Ley wrote:
    > "Richard Cornford" wrote:
    >>Evertjan. wrote:
    >>> Either you are wrong or ASP-net stinks.

    >>
    >>It does seem unlikely that ASP-net would impose such an
    >>arbitrary restriction,

    >
    > It's entirely possible ASP.NET webforms stink, no seriously,
    > they really stink. They are almost certainly the worst thing
    > ever to come out of Microsoft.

    <snip>

    I am not sure why I gave Microsoft credit for not being that stupid,
    they demonstrate monumental incompetence on occasions, like the fact
    that I have to use a Mozilla/Gecko browser when I visit the MSDN site
    because they cannot cope with the configurability of their own (IE6)
    browser.

    Richard.
     
    Richard Cornford, May 21, 2004
    #10
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. VSK
    Replies:
    2
    Views:
    2,307
  2. JJ
    Replies:
    7
    Views:
    6,179
    ThunderMusic
    Sep 19, 2006
  3. =?Utf-8?B?SXZhbiBBYnJhbW92?=

    Regular expression for password

    =?Utf-8?B?SXZhbiBBYnJhbW92?=, Jan 29, 2007, in forum: ASP .Net
    Replies:
    3
    Views:
    338
    Jonathan Wood
    Jan 29, 2007
  4. AAaron123
    Replies:
    2
    Views:
    2,201
    AAaron123
    Jan 16, 2009
  5. AAaron123
    Replies:
    1
    Views:
    1,356
    Oriane
    Jan 16, 2009
Loading...

Share This Page