Regular Expressions are equally complicated and elegant at the exact same time. They may be made to look like someone was only hammering randomly on their keyboard. They’re also a remarkably effective and elegant solution to describing the structure of the text and fitting those structures. They’re very handy for defining what a string should look like and as such are very great to be used in password validation. It’s essential that the password needs to validation With safe & strength for security. So Make it difficult for password crackers. Use long passwords with letters, CAPS, numbers, and symbols. Let’s check a password validation with PHP and regular expressions. That is a straightforward and long example for php beginners.
$pwd = $_POST['password ']; if( strlen($password ) < 8 ) { $error .= "Password too short! "; } if( strlen($password ) > 20 ) { $error .= "Password too long! "; } if( strlen($password ) < 8 ) { $error .= "Password too short! "; } if( !preg_match("#[0-9]+#", $password ) ) { $error .= "Password must include at least one number! "; } if( !preg_match("#[a-z]+#", $password ) ) { $error .= "Password must include at least one letter! "; } if( !preg_match("#[A-Z]+#", $password ) ) { $error .= "Password must include at least one CAPS! "; } if( !preg_match("#W+#", $password ) ) { $error .= "Password must include at least one symbol! "; } if($error){ echo "Password validation failure(your choise is weak): $error"; } else { echo "Your password is strong."; }
Short example with Regex
This is the short version of that password -check with regex (lookahead / lookbehind / lookaround) using PHP’s PCRE engine.
$password = $_POST['password ']; if (preg_match("#.*^(?=.{8,20})(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*W).*$#", $password )){ echo "Your password is strong."; } else { echo "Your password is not safe."; }
You may use "d"
instead of "[a-z]"
and "W"
instead of non-word characters, symbols. You can make a manual list of most used symbols like [#.-_,$%&!]
. Remember most consumers don’t enjoy passwords with symbols, you can exclude emblem check for. Just check letters, duration, caps, and numbers.
$password= $_POST['password']; if (preg_match("#.*^(?=.{8,20})(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9]).*$#", $password)){ echo "Your password is good."; } else { echo "Your password is bad."; }