Solved

VB.net Regex password pattern verification?

Posted on 2006-11-28
5
932 Views
Last Modified: 2008-02-01
Hey all,

I'm writing an windows app using VB.net 2005.  Part of the application has a password field in it for the user logins.  I've been tinkering around with Regex for the last day or so however this is the first time that I'm using it so I'm not all that familiar with it.  What I'm trying to do is verify that the password is in the correct format and must contain at least 1 uppercase letter and 1 number, have no special characters in it and the rest of the letters can be lowercase (ie.  "Password123" as an example).  

Unfortunately I'm not at my IDE at the current moment so I can't paste any of the code I currently have, however I can add it in later it need be.  Does anyone know how I can code my app so that Regex will verify that the password string I pass it truely does contain at least 1 uppercase letter and 1 number and if it does not then it will provide a false condition if either the uppercase letter or the number are not present in the string.  I will handle the responses for both the true and false conditions so there isn't a need to worry about that.

Thanks,

Pete J.
0
Comment
Question by:PJan8724
5 Comments
 
LVL 17

Expert Comment

by:ZeonFlash
ID: 18030428
Here's a quick one that I came up with.  There are bound to be better ways of doing it, but this should at least get you going:

(.*([A-Z]+).*([0-9]+).*)|(.*([0-9]+).*([A-Z]+).*)
0
 
LVL 29

Expert Comment

by:Nightman
ID: 18030597
Do you only want that pattern, or something stronger?

  Public Shared Function IsPasswordStrong(ByVal password As String) As Boolean
    ' So what we mean by 'strong'
    'here is that the password satisfy the following rules -

    'this is an example policy - you may want to boost it up based on your requirements.
    ' a. Have atleast 15 characters
    ' b. Have atleast 3 digits
    ' c. Have atleast 2 special chars.
    Dim strongEx As Regex = New Regex("(?=.{15,})(?=(.*\d){3,})(?=(.*\W){2,})")

    IsPasswordStrong(strongEx.IsMatch(password))
  End Function

Ported from http://blogs.msdn.com/peerchan/archive/2005/11/01/credman.aspx
0
 
LVL 62

Accepted Solution

by:
Fernando Soto earned 500 total points
ID: 18032245
Hi Pete;

The following sample code will do what you asked for in the question. Please not that this Regex will accept a password as small as 2 characters in length. If you want to have a minimum and maximum number of characters for the password then you can use this pattern in place of the one in the sample code.

Dim pattern As String = "(?=.{min,max}$)(?=[a-z0-9]*[A-Z])(?=[a-zA-Z]*[0-9])"

Where min is the minimum number of characters in the password
          max is the maximum number of characters in the password

So for example the following pattern will only allow for the characters a-z or A-Z or the digits 0-9 and 1 must be in the range of A-Z and another in the range of 0-1 and the length must be between 8 and 10 characters inclusive.

Dim pattern As String = "(?=.{8,10}$)(?=[a-z0-9]*[A-Z])(?=[a-zA-Z]*[0-9])"


Imports System.Text.RegularExpressions

    Private Sub Button1_Click(ByVal sender As System.Object, _
        ByVal e As System.EventArgs) Handles Button1.Click
 
        ' For testing the below function
        If Not ValidatePassward(TextBox1.Text) Then
            MessageBox.Show("You have entered an invalid password")
        End If

    End Sub

    ' Function to test the password for the correct format.
    Private Function ValidatePassward(ByVal pw As String) As Boolean

        Dim pattern As String = "(?=[a-z0-9]*[A-Z])(?=[a-zA-Z]*[0-9])"
        Return Regex.IsMatch(pw, pattern)

    End Function


Fernando
0
 
LVL 1

Author Comment

by:PJan8724
ID: 18060890
FernandoSoto,

Thanks for all the help, your solution worked perfectly.

Pete J.
0
 
LVL 62

Expert Comment

by:Fernando Soto
ID: 18060917
Not a problem, glad I was able to help. ;=)
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Round a string to two digits 12 31
Set form below another form 3 35
Vb. Net application freezes 9 30
Variable Event ? 3 23
This tutorial demonstrates one way to create an application that runs without any Forms but still has a GUI presence via an Icon in the System Tray. The magic lies in Inheriting from the ApplicationContext Class and passing that to Application.Ru…
I think the Typed DataTable and Typed DataSet are very good options when working with data, but I don't like auto-generated code. First, I create an Abstract Class for my DataTables Common Code.  This class Inherits from DataTable. Also, it can …
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Learn how to create flexible layouts using relative units in CSS.  New relative units added in CSS3 include vw(viewports width), vh(viewports height), vmin(minimum of viewports height and width), and vmax (maximum of viewports height and width).

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now