Home > Web Front-end > JS Tutorial > body text

Use regular expressions to verify password strength (two methods with codes attached)

php中世界最好的语言
Release: 2018-06-09 13:49:53
Original
2738 people have browsed it

This time I will bring you the use of regular expressions to verify password strength (two methods with codes). What are the precautions for using regular expressions to verify password strength? The following is a practical case, let’s take a look.

Preface

When users register, password regularity verification will be used. To write correct regular expressions, you must first define expression rules.

Option 1 (Simple)

Assume that password verification is defined as follows:

  • Shortest 6 digits, up to 16 digits {6,16}

  • can include lowercase letters [a-z] and uppercase letters [A-Z]

  • Can contain numbers [0-9]

  • Can contain underscores [_] and minus signs [-]

According to the above rules, it is easy The regular literal definition is given as follows:

var pattern = /^[\w_-]{6,16}$/;
Copy after login

Scheme 1 Analysis

Literal/ /

regular expression A literal is defined as a character contained between a pair of slashes (/), for example:

var pattern = /s$/;
Copy after login

The above literal matches all strings ending with the letter "s".

Character class [ ]

Put characters in square brackets to form a character class. A character class can match any character it contains. Therefore, the regular expression /[abc]/ matches any of the letters "a", "b", or "c".

Character classes can use hyphens to represent character ranges. To match Latin lowercase letters use /[a-z]/ .

Character class \w

Character class \w matches any word composed of ASCII characters, equivalent to [a-zA-Z0-9].

[\w_-] means matching any Latin uppercase and lowercase letters, numbers plus underscores and minus signs.

Repeat {}

Use { } in regular expressions to represent the number of times an element repeats.

  • {n,m} Match the previous item at least n times, but not more than m times

  • {n,} Match the previous item n times or more

  • {n} matches the previous item n times


[\w_-]{6,16} means matching any Latin uppercase and lowercase letters, numbers plus underscores and minus signs appearing at least 6 times and at most 16 times.

Matching position

^ Matches the beginning of the string, in multi-line retrieval, matches the beginning of a line
$ Matches the end of the string, in multiple lines During retrieval, match the end of a line
/^\w/ and match strings starting with uppercase and lowercase letters or numbers.

Option 1 test

The test results are given as follows:

var pattern = /^[\w_-]{6,16}$/;
pattern.test('123456') = true;
pattern.test('-ifat33') = true;
pattern.test('42du') = false;
pattern.test('du42du42du42du421') = false;
pattern.test('42du42@') = false;
Copy after login

View source code

According to the test It can be seen from the results that Solution 1 only briefly limits the password and cannot guarantee the strength of the password and the security of the account.

Option 2 (Security)

Assume that password verification is defined as follows:

  • Shortest 6 digits, up to 16 digits {6,16}

  • must contain 1 number

  • must contain 2 lowercase letters

  • must contain 2 uppercase letters

  • must contain 1 special character

According to the above rules, it is very It is easy to give the definition of regular literals as follows:

var pattern = /^.*(?=.{6,16})(?=.*\d)(?=.*[A-Z]{2,})(?=.*[a-z]{2,})(?=.*[!@#$%^&*?\(\)]).*$/;
Copy after login

Analysis of scenario 2

Character class.

Character class. Represents any character except newlines and other Unicode line terminators.

Forward lookahead assertion (?= )

Add an expression between the symbols "(?=" and ")", it is a lookahead assertion, Used to indicate that expressions within parentheses must match correctly. For example: /Java(?=\:)/ can only match Java and is followed by a colon.

(?=.*[!@#$%^&*?\(\)])

该先行断言表示,必须包括一个特殊字符。上述表达式中的10个特殊字符为键盘1,2...0的上档键字符,也可以添加别的特殊字符。注意:如果添加字符是正则表达式中具有特殊含义的,需要在符号前加反斜线(\)转义。

方案2测试

给出测试结果如下:

var pattern = /^.*(?=.{6,16})(?=.*\d)(?=.*[A-Z]{2,})(?=.*[a-z]{2,})(?=.*[!@#$%^&*?\(\)]).*$/;
pattern.test('du42DU!') = true;
pattern.test('duDUd!') = false;
pattern.test('42dud!') = false;
pattern.test('42DUD!') = false;
pattern.test('42duDU') = false;
pattern.test('42duU(') = false;
pattern.test('42dUU!') = false;
Copy after login

相信看了本文案例你已经掌握了方法,更多精彩请关注php中文网其它相关文章!

推荐阅读:

封装Vue2路由导航钩子并在实战中使用

vue组件做出无限级多选菜单

The above is the detailed content of Use regular expressions to verify password strength (two methods with codes attached). For more information, please follow other related articles on the PHP Chinese website!

source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template