Use RegularExpression to enforce strong password

I came across to a post by Anil John talking about how to enforce password complexity by using regular expresion.

Here is the regular expression he wrote:

^.*(?=.{10,})(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[@#$%^&+=]).*$

What it enforces is:

  • Must be at least 10 characters
  • Must contain at least one one lower case letter, one upper case letter, one digit and one special character
  • Valid special characters are –   @#$%^&+=

This regular expression can be easily used for the RegularExpressValidator control in ASP.NET, and can be easily modified as well to suit your requirements.

Leave a Reply

avatar
  Subscribe  
Notify of