need
Recently, I have been using the most registration and login function for a software to determine the strength of the password and output the strength of the currently entered password. The passwords are divided into three levels in the requirements, namely low strength, medium strength, and high strength, but there is no detailed classification of what is low strength and what is high strength, so I simply did the classification when I did it. After classifying passwords, what I thought of is to use Regex expression to directly judge the strength of the password, input the password string and output the corresponding strength level.
The Regex expression is used here. Although it is still used frequently, I still have only a little understanding of its syntax. It is generally simple to use and does not require multiple judgments. After searching online, I basically found no Regex expressions that meet my requirements. Although you can use if...else... to make step-by-step judgments, for us, we will definitely not write the second sentence if we can use one code to explain things. So I still had a headache for a while. I took a general look at how others wrote it, briefly compared the grammar design, and then started to judge the strength of my own password to write Regex expressions.
Test Regex online
/
text
Password strength classification
First, complete the classification of password strength levels. The password is 6-16 digits and is divided into three levels: low, medium and high. Passwords are a random combination of upper and lower case letters, numbers, and English punctuation. Password strength level comparison table:
| length | describe | strength |
|---|---|---|
| 6<=Length<=8 | Pure numbers | Low |
| - | Pure numbers | Low |
| - | Pure letters | Low |
| - | Pure English punctuation | Low |
| - | Number + letters | middle |
| - | Number + punctuation | middle |
| - | Letters + punctuation | middle |
| - | Numbers + letters + punctuation | high |
| 9<=Length<=12 | Pure numbers | middle |
| - | Pure letters | middle |
| - | Pure English punctuation | middle |
| - | Number + letters | high |
| - | Number + punctuation | high |
| - | Letters + punctuation | high |
| - | Numbers + letters + punctuation | high |
| 13<=Length<=16 | all | high |
Regex Analysis
No matter how complex the Regex expression is, it cannot escape the most basic relationship or non-relationship. We can completely split the complex Regex expression from this aspect.
Before this, we need to understand the meaning of the following symbols.
| symbol | describe |
|---|---|
| ^ | Match the start position of the input string |
| $ | Match the end position of the input string |
| . | Match any single character except "\n" |
| * | Match the previous subexpression zero or multiple times |
| + | Match the previous subexpression once or more times |
| ? | Match the previous subexpression zero or once |
| \d | Match a numeric character. Equivalent to [0-9] |
| \S | Match any non-whitespace characters |
| [xyz] | Character types. Match any character in brackets |
| (xyz) | Character set, matching strings that are exactly equal to xyz |
| [a-z] | Match any lowercase alphabetical characters in the range 'a' to 'z' |
| (?=x) | Forward affirmative prequery contains x |
| {4,8 | } Match characters of 4 to 8 bits in length |
| | | or operator |
| \ | Escape characters, used to match some reserved characters {}.*+?^$\| |
| [^x] | Match any character other than x |
Take low-intensity passwords as an example. First, they need to meet 6-8 digits, and secondly, they are all numbers or letters or punctuation marks. The one that only meets these two conditions is low-intensity passwords. It will be achieved after splitting.
Let’s first look at how to implement expressions that satisfy 6-8 bits.
^\S{6,8}$ //Any non-whitespace character,And satisfied6-8BitMatching is a case of numbers.
^\d+$
The matches are all letters.
^[A-Za-z]+$
Matching is a symbol.
^[!@#$%^&*?=]+$
Splicing together is the regular expression of low-strength password:
(?=^\d+$|^[A-Za-z]+$|^[!@#$%^&*?=]+$)^\S{6,8}$The same applies to medium strength passwords.
Match the case where 6-8 digits contain both numbers and letters. It can be understood as a string containing numbers and letters, but not all numbers or letters.
(?=.*\d)(?=.*[A-Za-z])(?=^[\dA-Za-z]+$)^\S{6,8}$Match the case where 6-8 digits contain both numbers + punctuation (!@#$=%^&*?). Same as above.
(?=.*\d)(?=.*[!@#$=%^&*?])(?=^[\d!@#$=%^&*?]+$)^\S{6,8}$Match the case where 6-8 bits contain letters + punctuation. Same as above.
(?=.*[A-Za-z])(?=.*[!@#$%^&*?])(?=^[A-Za-z!@#$=%^&*?]+$)^\S{6,8}$Then add the case where 9-12 digits are matched with pure numbers, pure letters, and pure punctuation. The same way as before.
The same applies to high-strength passwords.
Supplement: Password strength Weak Medium Strong Regular expression judgment
Today I looked at the source code of the registration page in the project and then looked at the regular expression for judging the strength of the password. It was written very well, at least better than I wrote, so I recorded it for future reference.
The code is as follows
var strongRegex = new RegExp("^(?=.{8,})(?=.*[A-Z])(?=.*[a-z])(?=.*[0-9])(?=.*\\W).*$", "g") //powerfulvar mediumRegex = new RegExp("^(?=.{7,})(((?=.*[A-Z])(?=.*[a-z]))|((?=.*[A-Z])(?=.*[0-9]))|((?=.*[a-z])(?=.*[0-9]))).*$", "g") //middlevar enoughRegex = new RegExp("(?=.{6,}).*", "g") //weakUse the keyup() method of input to detect passwords using the regular (password) method.
I have also learned a little bit of the basics of regular expressions before. Here are the three regular rules from strong to weak. If there is something wrong, please welcome the master to learn and make progress together!
Strong ==> Password length is greater than or equal to 8 digits. Contains uppercase letters [A-Z] + lowercase letters [a-z] + number [0-9] + special characters for non-word characters [punctuation marks, spaces, etc.] Ending
Medium ==> Password length is greater than or equal to 7 digits. Uppercase letters [A-Z] + lowercase letters [a-z] or uppercase letters [A-Z] + number [0-9] or lowercase letters [a-z] + number [0-9] + any character. End
Weak ==> 6 digits greater than or equal to any character or number (if this condition is not met, it is weak, so you need to use false to judge here)
This is the article about judging password strength from Regex Regex Regular Expression. For more related content on judging password strength from Regex, please search for my previous articles or continue browsing the related articles below. I hope everyone will support me in the future!