Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

VB.net Regex password pattern verification?

Posted on 2006-11-28
5
941 Views
Last Modified: 2008-02-01
Hey all,

I'm writing an windows app using VB.net 2005.  Part of the application has a password field in it for the user logins.  I've been tinkering around with Regex for the last day or so however this is the first time that I'm using it so I'm not all that familiar with it.  What I'm trying to do is verify that the password is in the correct format and must contain at least 1 uppercase letter and 1 number, have no special characters in it and the rest of the letters can be lowercase (ie.  "Password123" as an example).  

Unfortunately I'm not at my IDE at the current moment so I can't paste any of the code I currently have, however I can add it in later it need be.  Does anyone know how I can code my app so that Regex will verify that the password string I pass it truely does contain at least 1 uppercase letter and 1 number and if it does not then it will provide a false condition if either the uppercase letter or the number are not present in the string.  I will handle the responses for both the true and false conditions so there isn't a need to worry about that.

Thanks,

Pete J.
0
Comment
Question by:PJan8724
5 Comments
 
LVL 17

Expert Comment

by:ZeonFlash
ID: 18030428
Here's a quick one that I came up with.  There are bound to be better ways of doing it, but this should at least get you going:

(.*([A-Z]+).*([0-9]+).*)|(.*([0-9]+).*([A-Z]+).*)
0
 
LVL 29

Expert Comment

by:Nightman
ID: 18030597
Do you only want that pattern, or something stronger?

  Public Shared Function IsPasswordStrong(ByVal password As String) As Boolean
    ' So what we mean by 'strong'
    'here is that the password satisfy the following rules -

    'this is an example policy - you may want to boost it up based on your requirements.
    ' a. Have atleast 15 characters
    ' b. Have atleast 3 digits
    ' c. Have atleast 2 special chars.
    Dim strongEx As Regex = New Regex("(?=.{15,})(?=(.*\d){3,})(?=(.*\W){2,})")

    IsPasswordStrong(strongEx.IsMatch(password))
  End Function

Ported from http://blogs.msdn.com/peerchan/archive/2005/11/01/credman.aspx
0
 
LVL 63

Accepted Solution

by:
Fernando Soto earned 500 total points
ID: 18032245
Hi Pete;

The following sample code will do what you asked for in the question. Please not that this Regex will accept a password as small as 2 characters in length. If you want to have a minimum and maximum number of characters for the password then you can use this pattern in place of the one in the sample code.

Dim pattern As String = "(?=.{min,max}$)(?=[a-z0-9]*[A-Z])(?=[a-zA-Z]*[0-9])"

Where min is the minimum number of characters in the password
          max is the maximum number of characters in the password

So for example the following pattern will only allow for the characters a-z or A-Z or the digits 0-9 and 1 must be in the range of A-Z and another in the range of 0-1 and the length must be between 8 and 10 characters inclusive.

Dim pattern As String = "(?=.{8,10}$)(?=[a-z0-9]*[A-Z])(?=[a-zA-Z]*[0-9])"


Imports System.Text.RegularExpressions

    Private Sub Button1_Click(ByVal sender As System.Object, _
        ByVal e As System.EventArgs) Handles Button1.Click
 
        ' For testing the below function
        If Not ValidatePassward(TextBox1.Text) Then
            MessageBox.Show("You have entered an invalid password")
        End If

    End Sub

    ' Function to test the password for the correct format.
    Private Function ValidatePassward(ByVal pw As String) As Boolean

        Dim pattern As String = "(?=[a-z0-9]*[A-Z])(?=[a-zA-Z]*[0-9])"
        Return Regex.IsMatch(pw, pattern)

    End Function


Fernando
0
 
LVL 1

Author Comment

by:PJan8724
ID: 18060890
FernandoSoto,

Thanks for all the help, your solution worked perfectly.

Pete J.
0
 
LVL 63

Expert Comment

by:Fernando Soto
ID: 18060917
Not a problem, glad I was able to help. ;=)
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Exit the loop 4 49
VB.net and sql server 4 45
How to extract certain lines from textfile and save them to another file? 4 36
Groupbox Control ? 2 17
The ECB site provides FX rates for major currencies since its inception in 1999 in the form of an XML feed. The files have the following format (reducted for brevity) (CODE) There are three files available HERE (http://www.ecb.europa.eu/stats/exch…
It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question