✅ The following 4 regex patterns can help you to write almost any password validationPattern 1:/^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*\W)(?!.* ).{8,16}$/ Explanation:
What are ^ and $: ^ indicates the beginning of the string. $ indicates the end of the string. If we don't use these ^ & $, the regex will not be able to determine the maximum length of the password. In the above example, we have a condition that the password can't be longer than 16 characters, to make that condition work, we have used these ^ & $ Remove maximum length restriction:
Don't accept any number(digit):
Don't accept any spcecial character:
Alternative Syntax for number(digit):
Pattern 2:/^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*_)(?!.*\W)(?!.* ).{8,16}$/ Difference with the Pattern 1
Pattern 3:/^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*_)(?!.* ).{8,16}$/ Difference with the Pattern 2
Pattern 4:/^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]).{8,16}$/ Difference with the Pattern 3
Page 2
I want a regular expression to check that: A password contains at least eight characters, including at least one number and includes both lower and uppercase letters and special characters, for example #, ?, !. It cannot be your old password or contain your username, "password", or "websitename" And here is my validation expression which is for eight characters including one uppercase letter, one lowercase letter, and one number or special character. (?=^.{8,}$)((?=.*\d)|(?=.*\W+))(?![.\n])(?=.*[A-Z])(?=.*[a-z]).*$"How can I write it for a password must be eight characters including one uppercase letter, one special character and alphanumeric characters?
Passwords must contain:
Passphrases are longer versions of passwords that may be easier to remember and harder to guess. If you opt to use a passphrase, some of the complexity requirements are relaxed:
Some other considerations:
We encourage the use of a Password Manager, which makes it possible to use very complex passwords that are different for each site and are not reused. The University has partnered with LastPass to supply complimentary LastPass password management accounts to students, faculty, and staff. Other techniques for selecting strong and memorable passwords can be found in the OIT Information Security Office. (Note, however, that our password rules differ from OIT's password rules.)
For more information on choosing strong passwords visit the BU’s IS&T page General Guidelines:So, how do you have a “strong” password that is easy to remember? While it may seem tough to do this, there are a few simple tips that can make it easy.Note: the examples below illustrate just the concepts being discussed. No single technique should be used on its own, but rather should be used with other techniques. The combination of several will produce a strong password.
ChooseYou want to choose something that is easy to remember with a minimum of 8 characters that uses as many of the techniques above as possible. One way to do this is to pick a phrase you will remember, pick all the first or last letters from each word and then substitute some letters with numbers and symbols. You can then apply capitals to some letters (perhaps the first and last, or second to last, etc.) You could also perhaps keep or add punctuation. Some examples:
If you are selecting a password for a website, you may want to incorporate the first few letters of the website name into your password so that every password is different and if one gets out, you don’t have to change them all. This approach has good and bad points. For example, if you have a standard password like B53:tg’Sot (see above) that you like to use most places (this not recommended), you may modify it by placing the first and last letter of the website around it:
Do Not Choose…
WHY!?If you only use words from a dictionary or a purely numeric password, a hacker only has to try a limited list of possibilities. A hacking program can try the full set in under one minute. If you use the full set of characters and the techniques above, you force a hacker to continue trying every possible combination to find yours. If we assume that the password is 8 characters long, this table shows how many times a hacker may have to before guessing your password. Most password crackers have rules that can try millions of word variants per second, so the more algorithmically complex your password, the better.
The longer your password the more secure. If we take the full set of allowed printable characters set (the last line above) and increase the password length, the possible combinations jump exponentially (odd, considering that the calculation includes exponents…)
When we refer to character sets, they are typically numbers, upper and lowercase letters and a given set of symbols. For example:
|