ASP.NET Password Strength Regular Expression - 【StackMirror】|asp.net|regex

I'm using the ASP.NET Membership property for authentication on my ASP.NET website. I want the passwords to be pretty secure. I want them to be 7 digits long, containing a letter, number, and a special character.

I found this to be added to the web.config

passwordStrengthRegularExpression=" @\"(?=.{6,})(?=(.*\d){1,})(?=(.*\W){1,})"

However, when I add this to my Membership profile, I get the following error:

Name cannot begin with the '(' character, hexadecimal value 0x28. Line 26, position 445.

So it looks like it's not seeing the escape character after the @ symbol, and it's trying to use that quote to end the tag. Any idea what I'm doing wrong?

Lastly, how would I modify this to also require a lower case letter and an upper case letter?

2012-04-05 17:44
by Pryach

Try with this:

ValidationExpression="(?=^.{7,51}$)([A-Za-z]{1})([A-Za-z0-9!@#$%_\^\&amp;\*\-\.\?]{5,49})$"

Here you can find lot of samples

2012-04-05 17:46
by coder

Don't believe that will work, as it will match against hellothJason 2012-04-05 18:38

If you are trying to escape the " and this is in your web.config file, you need to do ", that is the proper quote entity for xml. As for the regex you want, try this

^(?=[a-z]+)(?=.*?\d+)(?=.*?[`~!@#$%^&*\(\)\-_}{\]\[=+\\|]+).{7,}$

Will match against the following items in bold

helloth
hellot
hell0th
hell0Th
he!l0th
he!l0Th
he!l0Th3534534
he!l0Thdggfsg

You can add (?=.*?[A-Z]+) if you also want to require at least one upper case letter, and make it only match the last 3. Finally, you can modify the following block from the regex above to include only the special chars you want to allow.

[`~!@#$%^&*\(\)\-_}{\]\[=+\\|]

2012-04-05 18:46
by Jason

Instead of dealing with an expression no one understands, use three (or more). There following is some pseudo code for this idea:

abort('to short') if password.length < 8
abort('at least one letter') if password !~ /[a-z]/i
abort('at least two digits') if password !~ /[0-9].*[0-9]/
abort('at least one special character') if password !~ /[!@#$%^\*-=\+\?]/

2012-04-05 17:56
by Codism

'Added by Itrend solutions -Password Validation

Create a method and pass your text to validate the password strength .. Dim password AsString password = Trim(txtnewpassword.Text)

DimSmallCharacter() AsString = {"a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z"} DimsmallchacountAsInteger = 0 ForEachsmallchaAsStringInSmallCharacter If (password.Contains(smallcha)) Then smallchacount = smallchacount + 1 EndIf Next Ifsmallchacount<= 0 Then MessageBox("Password Must Contain One Alphabet Character") Exit Sub EndIf

Dim Numbers() AsString = {"0", "1", "2", "3", "4", "5", "6", "7", "8", "9"} DimnumbercountAsInteger = 0 ForEachnumAsStringIn Numbers If (password.Contains(num)) Then numbercount = numbercount + 1 EndIf Next Ifnumbercount<= 0 Then MessageBox("Password Must Contain One Numeric Digit") Exit Sub EndIf

DimSpecial() AsString = {"@", "#", "$", "%", "^", "&", "*", "(", ")", "!"} DimcountSpecialAsInteger = 0 ForEach spec AsStringIn Special If (password.Contains(spec)) Then countSpecial = countSpecial + 1 EndIf Next IfcountSpecial<= 0 Then MessageBox("Password Must Contain One Special Character") Exit Sub

for More clarification please contact us

2013-07-19 13:50
by iTrend solutions

ya its working fine to validate the password strength in vb.ne - iTrend solutions 2013-07-19 13:57