4.19. Validate Password Complexity
Problem
You’re tasked with ensuring that any passwords chosen by your website users meet your organization’s minimum complexity requirements.
Solution
The following regular expressions check many individual conditions, and can be mixed and matched as necessary to meet your business requirements. At the end of this section, we’ve included several JavaScript code examples that show how you can tie these regular expressions together as part of a password security validation routine.
Length between 8 and 32 characters
^.{8,32}$
| Regex options: Dot matches line breaks (“^ and $ match at line breaks” must not be set) |
| Regex flavors: .NET, Java, XRegExp, PCRE, Perl, Python, Ruby |
Standard JavaScript doesn’t have a “dot matches line breaks” option. Use ‹[\s\S]› instead of a dot in JavaScript to ensure that the regex works correctly even for crazy passwords that include line breaks:
^[\s\S]{8,32}$
| Regex options: None (“^ and $ match at line breaks” must not be set) |
| Regex flavors: .NET, Java, JavaScript, PCRE, Perl, Python, Ruby |
ASCII visible and space characters only
If this next regex matches a password, you can be sure it includes only the characters A–Z, a–z, 0–9, space, and ASCII punctuation. No control characters, line breaks, or characters outside of the ASCII table are allowed:
^[\x20-\x7E]+$
| Regex options: None (“^ and $ match at line breaks” must not be set) |
| Regex flavors: .NET, Java, JavaScript, PCRE, Perl, Python, Ruby |
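The two checks above combined into one JavaScript routine, as an added example that is not code from the original text; the function names and sample passwords are constructed for illustration. It also runs a misconfigured variant of each regex to show why “^ and $ match at line breaks” must not be set and why the plain dot fails on line breaks in JavaScript:

```javascript
// Added example: names below are hypothetical, not from the original text.
const LENGTH_OK = /^[\s\S]{8,32}$/;  // 8 to 32 characters, line breaks counted
const ASCII_OK = /^[\x20-\x7E]+$/;   // ASCII visible characters and space only

// Returns the names of the rules the password fails; an empty array means it passed.
function checkPassword(password) {
  if (typeof password !== "string") return ["not a string"];
  const failures = [];
  if (!LENGTH_OK.test(password)) failures.push("length");
  if (!ASCII_OK.test(password)) failures.push("ascii");
  return failures;
}

// Misconfigured variants, kept only for comparison:
// with the m flag, ^ and $ match at every line break, so a single acceptable
// line is enough for the whole input to pass the ASCII check.
const ASCII_WITH_M = /^[\x20-\x7E]+$/m;
// without [\s\S], the dot stops at a line break, so a password containing one
// can never satisfy the length check, whatever its real length.
const LENGTH_WITH_DOT = /^.{8,32}$/;

function compareVariants(password) {
  return {
    asciiCorrect: ASCII_OK.test(password),
    asciiWithM: ASCII_WITH_M.test(password),
    lengthCorrect: LENGTH_OK.test(password),
    lengthWithDot: LENGTH_WITH_DOT.test(password),
  };
}

// Constructed sample inputs
const samples = [
  "correct horse",            // passes both rules
  "short",                    // too short
  "tab\there1234",            // contains a control character
  "line one\nline two 123",   // contains a line break
  "p\u00E4ssw\u00F6rd123",    // contains non-ASCII letters
];
for (const s of samples) {
  console.log(JSON.stringify(s), checkPassword(s), compareVariants(s));
}
```
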
If you want to additionally prevent the use ...