.Net ramblings
# Tuesday, 01 March 2005
Regex for a strong password

This came in useful for ensuring that web site users have entered a strong password.  Thanks to Eli Robillard for posting this on his blog.

In this case, a strong password is defined as follows:

  • between 5 and 128 characters long
  • contains at least one digit
  • contains at least one upper case letter
  • contains at least one lower case letter.

Here is the pattern:

^(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{5,128}$ 

C# code using this pattern:

public bool IsStrongPassword(string s)
{
    string pattern = @"^(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{5,128}$";
    return Regex.IsMatch(s, pattern, RegexOptions.IgnorePatternWhitespace);
}

Tuesday, 01 March 2005 18:46:28 (GMT Standard Time, UTC+00:00)  #    Comments [0]  .Net General

OpenID
Please login with either your OpenID above, or your details below.
Name
E-mail
Home page

Comment (Some html is allowed: a@href@title, strike) where the @ means "attribute." For example, you can use <a href="" title=""> or <blockquote cite="Scott">.  

[Captcha]Enter the code shown (prevents robots):

Live Comment Preview