Solved

VB.net Regex password pattern verification?

Posted on 2006-11-28
5
927 Views
Last Modified: 2008-02-01
Hey all,

I'm writing an windows app using VB.net 2005.  Part of the application has a password field in it for the user logins.  I've been tinkering around with Regex for the last day or so however this is the first time that I'm using it so I'm not all that familiar with it.  What I'm trying to do is verify that the password is in the correct format and must contain at least 1 uppercase letter and 1 number, have no special characters in it and the rest of the letters can be lowercase (ie.  "Password123" as an example).  

Unfortunately I'm not at my IDE at the current moment so I can't paste any of the code I currently have, however I can add it in later it need be.  Does anyone know how I can code my app so that Regex will verify that the password string I pass it truely does contain at least 1 uppercase letter and 1 number and if it does not then it will provide a false condition if either the uppercase letter or the number are not present in the string.  I will handle the responses for both the true and false conditions so there isn't a need to worry about that.

Thanks,

Pete J.
0
Comment
Question by:PJan8724
5 Comments
 
LVL 17

Expert Comment

by:ZeonFlash
ID: 18030428
Here's a quick one that I came up with.  There are bound to be better ways of doing it, but this should at least get you going:

(.*([A-Z]+).*([0-9]+).*)|(.*([0-9]+).*([A-Z]+).*)
0
 
LVL 29

Expert Comment

by:Nightman
ID: 18030597
Do you only want that pattern, or something stronger?

  Public Shared Function IsPasswordStrong(ByVal password As String) As Boolean
    ' So what we mean by 'strong'
    'here is that the password satisfy the following rules -

    'this is an example policy - you may want to boost it up based on your requirements.
    ' a. Have atleast 15 characters
    ' b. Have atleast 3 digits
    ' c. Have atleast 2 special chars.
    Dim strongEx As Regex = New Regex("(?=.{15,})(?=(.*\d){3,})(?=(.*\W){2,})")

    IsPasswordStrong(strongEx.IsMatch(password))
  End Function

Ported from http://blogs.msdn.com/peerchan/archive/2005/11/01/credman.aspx
0
 
LVL 62

Accepted Solution

by:
Fernando Soto earned 500 total points
ID: 18032245
Hi Pete;

The following sample code will do what you asked for in the question. Please not that this Regex will accept a password as small as 2 characters in length. If you want to have a minimum and maximum number of characters for the password then you can use this pattern in place of the one in the sample code.

Dim pattern As String = "(?=.{min,max}$)(?=[a-z0-9]*[A-Z])(?=[a-zA-Z]*[0-9])"

Where min is the minimum number of characters in the password
          max is the maximum number of characters in the password

So for example the following pattern will only allow for the characters a-z or A-Z or the digits 0-9 and 1 must be in the range of A-Z and another in the range of 0-1 and the length must be between 8 and 10 characters inclusive.

Dim pattern As String = "(?=.{8,10}$)(?=[a-z0-9]*[A-Z])(?=[a-zA-Z]*[0-9])"


Imports System.Text.RegularExpressions

    Private Sub Button1_Click(ByVal sender As System.Object, _
        ByVal e As System.EventArgs) Handles Button1.Click
 
        ' For testing the below function
        If Not ValidatePassward(TextBox1.Text) Then
            MessageBox.Show("You have entered an invalid password")
        End If

    End Sub

    ' Function to test the password for the correct format.
    Private Function ValidatePassward(ByVal pw As String) As Boolean

        Dim pattern As String = "(?=[a-z0-9]*[A-Z])(?=[a-zA-Z]*[0-9])"
        Return Regex.IsMatch(pw, pattern)

    End Function


Fernando
0
 
LVL 1

Author Comment

by:PJan8724
ID: 18060890
FernandoSoto,

Thanks for all the help, your solution worked perfectly.

Pete J.
0
 
LVL 62

Expert Comment

by:Fernando Soto
ID: 18060917
Not a problem, glad I was able to help. ;=)
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

1.0 - Introduction Converting Visual Basic 6.0 (VB6) to Visual Basic 2008+ (VB.NET). If ever there was a subject full of murkiness and bad decisions, it is this one!   The first problem seems to be that people considering this task of converting…
Creating an analog clock UserControl seems fairly straight forward.  It is, after all, essentially just a circle with several lines in it!  Two common approaches for rendering an analog clock typically involve either manually calculating points with…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now