Okay, so I'm trying to adhere to the following password rule:
Must be 6 to 15 characters, include at least one lowercase letter, one uppercase letter and at least one number. It should also contain no spaces.
Now, for everything but the spaces, I've got:
^(?=.*[a-z])(?=.*[A-Z])(?=.*\d).{6,15}$
Problem is, that allows spaces.
After looking around, I've tried using \s, but that messes up my lowercase and uppercase requirements. I also seen another suggestion to replace the * with a +, but that seemed to break the entire thing.
I've created a REFiddle if you want to have a live test.
To clarify, this is a client requirement unfortunately, I'm never usually this strict with passwords.
How about:
^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)\S{6,15}$
\S stands for any NON space character.
Related
I'm trying to modify a fairly basic regex pattern in C# that tests for phone numbers.
The patterns is -
[0-9]+(\.[0-9][0-9]?)?
I have two questions -
1) The existing expression does work (although it is fairly restrictive) but I can't quite understand how it works. Regexps for similar issues seem to look more like this one -
/^[0-9()]+$/
2) How could I extend this pattern to allow brackets, periods and a single space to separate numbers. I tried a few variations to include -
[0-9().+\s?](\.[0-9][0-9]?)?
Although i can't seem to create a valid pattern.
Any help would be much appreciated.
Thanks,
[0-9]+(\.[0-9][0-9]?)?
First of all, I recommend checking out either regexr.com or regex101.com, so you yourself get an understanding of how regex works. Both websites will give you a step-by-step explanation of what each symbol in the regex does.
Now, one of the main things you have to understand is that regex has special characters. This includes, among others, the following: []().-+*?\^$. So, if you want your regex to match a literal ., for example, you would have to escape it, since it's a special character. To do so, either use \. or [.]. Backslashes serve to escape other characters, while [] means "match any one of the characters in this set". Some special characters don't have a special meaning inside these brackets and don't require escaping.
Therefore, the regex above will match any combination of digits of length 1 or more, followed by an optional suffix (foobar)?, which has to be a dot, followed by one or two digits. In fact, this regex seems more like it's supposed to match decimal numbers with up to two digits behind the dot - not phone numbers.
/^[0-9()]+$/
What this does is pretty simple - match any combination of digits or round brackets that has the length 1 or greater.
[0-9().+\s?](\.[0-9][0-9]?)?
What you're matching here is:
one of: a digit, round bracket, dot, plus sign, whitespace or question mark; but exactly once only!
optionally followed by a dot and one or two digits
A suitable regex for your purpose could be:
(\+\d{2})?((\(0\)\d{2,3})|\d{2,3})?\d+
Enter this in one of the websites mentioned above to understand how it works. I modified it a little to also allow, for example +49 123 4567890.
Also, for simplicity, I didn't include spaces - so when using this regex, you have to remove all the spaces in your input first. In C#, that should be possible with yourString.Replace(" ", ""); (simply replacing all spaces with nothing = deleting spaces)
The + after the character set is a quantifier (meaning the preceeding character, character set or group is repeated) at least one, and unlimited number of times and it's greedy (matched the most possible).
Then [0-9().+\s]+ will match any character in set one or more times.
I know the regex for excluding words, roughly anyway, It would be (!?wordToIgnore|wordToIgnore2|wordToIgnore3)
But I have an existing, complicated regex that I need to add this to, and I am a bit confused about how to go about that. I'm still pretty new to regex, and it took me a very long time to make this particular one, but I'm not sure where to insert it or how ...
The regex I have is ...
^(?!.*[ ]{2})(?!.*[']{2})(?!.*[-]{2})(?:[a-zA-Z0-9 \:/\p{L}'-]{1,64}$)$
This should only allow the person typing to insert between 1 and 64 letters that match that pattern, cannot start with a space, quote, double quote, special character, a dash, an escape character, etc, and only allows a-z both upper and lowercase, can include a space, ":", a dash, and a quote anywhere but the beginning.
But I want to forbid them from using certain words, so I have this list of words that I want to be forbidden, I just cannot figure out how to get that to fit into here.. I tried just pasting the whole .. "block" in, and that didn't work.
?!the|and|or|a|given|some|that|this|then|than
Has anyone encountered this before?
ciel, first off, congratulations for getting this far trying to build your regex rule. If you want to read something detailed about all kinds of exclusions, I suggest you have a look at Match (or replace) a pattern except in situations s1, s2, s3 etc
Next, in your particular situation, here is how we could approach your regex.
For consision, let's make all the negative lookarounds more compact, replacing them with a single (?!.*(?: |-|'){2})
In your character class, the \: just escapes the colon, needlessly so as : is enough. I assume you wanted to add a backslash character, and if so we need to use \\
\p{L} includes [a-zA-Z], so you can drop [a-zA-Z]. But are you sure you want to match all letters in any script? (Thai etc). If so, remember to set the u flag after the regex string.
For your "bad word exclusion" applying to the whole string, place it at the same position as the other lookarounds, i.e., at the head of the string, but using the .* as in your other exclusions: (?!.*(?:wordToIgnore|wordToIgnore2|wordToIgnore3)) It does not matter which lookahead comes first because lookarounds do not change your position in the string. For more on this, see Mastering Lookahead and Lookbehind
This gives us this glorious regex (I added the case-insensitive flag):
^(?i)(?!.*(?:wordToIgnore|wordToIgnore2|wordToIgnore3))(?!.*(?: |-|'){2})(?:[\\0-9 :/\p{L}'-]{1,64}$)$
Of course if you don't want unicode letters, replace \p{L} with a-z
Also, if you want to make sure that the wordToIgnore is a real word, as opposed to an embedded string (for instance you don't want cat but you are okay with catalog), add boundaries to the lookahead rule: (?!.*\b(?:wordToIgnore|wordToIgnore2|wordToIgnore3)\b)
use this:
^(?!.*(the|and|or|a|given|some|that|this|then|than))(?!.*[ ]{2})(?!.*[']{2})(?!.*[-]{2})(?:[a-zA-Z0-9 \:\p{L}'-]{1,64}$)$
see demo
After extensive search, I am unable to find an explanation for the need to use .* in regex. For example, MSDN suggests a password regex of
#\"(?=.{6,})(?=(.*\d){1,})(?=(.*\W){1,})"
for length >= 6, 1+ digit and 1+ special character.
Why can't I just use:
#\"(?=.{6,})(?=(\d){1,})(?=(\W){1,})"
.* just means "0 or more of any character"
It's broken down into two parts:
. - a "dot" indicates any character
* - means "0 or more instances of the preceding regex token"
In your example above, this is important, since they want to force the password to contain a special character and a number, while still allowing all other characters. If you used \d instead of .*, for example, then that would restrict that portion of the regex to only match decimal characters (\d is shorthand for [0-9], meaning any decimal). Similarly, \W instead of .*\W would cause that portion to only match non-word characters.
A good reference containing many of these tokens for .NET can be found on the MSDN here: Regular Expression Language - Quick Reference
Also, if you're really looking to delve into regex, take a look at http://www.regular-expressions.info/. While it can sometimes be difficult to find what you're looking for on that site, it's one of the most complete and begginner-friendly regex references I've seen online.
Just FYI, that regex doesn't do what they say it does, and the way it's written is needlessly verbose and confusing. They say it's supposed to match more than seven characters, but it really matches as few as six. And while the other two lookaheads correctly match at least one each of the required character types, they can be written much more simply.
Finally, the string you copied isn't just a regex, it's an XML attribute value (including the enclosing quotes) that seems to represent a C# string literal (except the closing quote is missing). I've never used a Membership object, but I'm pretty sure that syntax is faulty. In any case, the actual regex is:
(?=.{6,})(?=(.*\d){1,})(?=(.*\W){1,})
..but it should be:
(?=.{8,})(?=.*\d)(?=.*\W)
The first lookahead tries to match eight or more of any characters. If it succeeds, the match position (or cursor, if you prefer) is reset to the beginning and the second lookahead scans for a digit. If it finds one, the cursor is reset again and the third lookahead scans for a special character. (Which, by the way, includes whitespace, control characters, and a boatload of other esoteric characters; probably not what the author intended.)
If you left the .* out of the latter two lookaheads, you would have (?=\d) asserting that the first character is a digit, and (?=\W) asserting that it's not a digit. (Digits are classed as word characters, and \W matches anything that's not a word character.) The .* in each lookahead causes it to initially gobble up the whole string, then backtrack, giving back one character at a time until it reaches a spot where the \d or \W can match. That's how they can match the digit and the special character anywhere in the string.
The .* portion just allows for literally any combination of characters to be entered. It's essentially allowing for the user to add any level of extra information to the password on top of the data you are requiring
Note: I don't think that MSDN page is actually suggesting that as a password validator. It is just providing an example of a possible one.
I have created a regex that only allows the user to enter numbers and letters.
^[a-zA-Z0-9]+$
I wanted to make sure that the first character is uppercase so I looked up how to do it and i changed my equation to this:
^[A-Z][a-zA-Z0-9]+$
I tested my equation on a few sites that test regex and it works properly but when I put it into my program it doesnt seem to work.
Change ^[A-Z][a-zA-Z0-9]+$ to ^[A-Z][a-zA-Z0-9]*$. If it is ^[A-Z][a-zA-Z0-9]+$ then you are requiring a 2 character string, the first letter of which is capital. The modified version allows 1 character strings as well. Does that help?
Use a Regex method that allows you to specify a RegexOptions value, with RegexOptions.IgnoreCase turned off.
I need a regex for the following criteria:
Atleast 7 alphanumeric characters with 1 special character
I used this:
^.*(?=.{7,})(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[##$!%^&+=]).*$
It works fine if I type Password1! but doesnt work for PASSWORD1!.
Wont work for: Stmaryshsp1tal!
I am using the Jquery validation plugin where I specify the regex.
When I use a regular expression validator and specify the following regex:
^.*(?=.{7,})(?=(.*\W){1,}).*$
It works perfectly without any issues. When I set this regex in the Jquery validation I am using it doesnt work.
Please can someone shed some light on this? I want to understand why my first regex doesnt work.
(?=.\d)(?=.[a-z])
tries to match a digit and an alphanumeric character at the same place. Remember that (?= ... ) does not glob anything.
What you want is probably:
^(?=.*\W)(?=(.*\w){7})
This is exactly the same as veryfying that your string both matches ^.*\W (at least one special character) and ^(.*\w){7}) (7 alphanumeric characters. Note that it also matches if there are more.
Try this regex:
\S*[##$!%^&+=]+\S*(?<=\S{7,})
EDIT3: Ok, this is last edit ;).
This will match also other special characters. So if you wan't limit the number of valid characters change \S to range of all valid characters.
Here is the regex , I think it can handle all possible combination..
^(?=.{7,})\w*[.##$!%^&+=]+(\w*[.##$!%^&+=]*)*$
here is the link for this regex, http://regexr.com?2tuh5
As a good tool for quickly testing regular expressions I'd suggest http://regexpal.com/ (no relations ;) ). Sometimes simplifying your expression helps a lot.
Then you might want to try something like ^[a-zA-Z0-9##$!%^&+=]{7,}$
Update 2 now including digits
^.*(?=.{7,})(?=.*\d)(?=.*[a-zA-Z])(?=.*[##$%^&+=!]).*$
This matches:
Stmarysh3sptal!, password1!, PASSWORD1P!!!!!!##^^ASSWORD1, 122ss121a212!!
... but not:
Password1, PASSWORD1PASSWORD1, PASSWORD!, Password!, 1221121212!! etc
The reason it matches Password1! but not PASSWORD1! is this clause:
(?=.*[a-z])
That requires at least one lowercase letter in the password. The pattern says that the password must be at least 7 characters long, and contain both uppercase and lowercase letters, at least one number, and at least one of ##$!%^&+=. PASSWORD1! fails because there are no lowercase letters in it.
The second pattern accepts PASSWORD1! because it's a far, far weaker password requirement. All it requires is that the password is 7+ characters and has at least one special character in it (other than _). The {1,} is unnecessary, by the way.
If I were you, I'd avoid weakening the password and just leave it as it is. If I wanted to allow all-lowercase or all-uppercase passwords for some reason, I'd simply change it to
^(?=.*\d)(?=.*[a-zA-Z])(?=.*[##$!%^&+=]).{7,}$
...thus not weakening the password requirements any more than I had to.