News Ticker

Password Validation with PHP and Regular Expressions

7 views techsupport
Password Validation with PHP and Regular Expressions

Regular Expressions are equally complicated and elegant at the exact same time. They may be made to look like someone was only hammering randomly on their keyboard. They’re also a remarkably effective and elegant solution to describing the structure of the text and fitting those structures. They’re very handy for defining what a string should look like and as such are very great to be used in password validation. It’s essential that the password needs to validation With safe & strength for security. So Make it difficult for password crackers. Use long passwords with letters, CAPS, numbers, and symbols. Let’s check a password validation with PHP and regular expressions. That is a straightforward and long example for php beginners.
 

$pwd = $_POST['password '];
if( strlen($password ) < 8 ) {
$error .= "Password too short!
";
}
if( strlen($password ) > 20 ) {
$error .= "Password too long!
";
}
if( strlen($password ) < 8 ) {
$error .= "Password too short!
";
}
if( !preg_match("#[0-9]+#", $password ) ) {
$error .= "Password must include at least one number!
";
}
if( !preg_match("#[a-z]+#", $password ) ) {
$error .= "Password must include at least one letter!
";
}
if( !preg_match("#[A-Z]+#", $password ) ) {
$error .= "Password must include at least one CAPS!
";
}
if( !preg_match("#W+#", $password ) ) {
$error .= "Password must include at least one symbol!
";
}
if($error){
echo "Password validation failure(your choise is weak): $error";
} else {
echo "Your password is strong.";
}

Short example with Regex

This is the short version of that password -check with regex (lookahead / lookbehind / lookaround) using PHP’s PCRE engine.
 

$password = $_POST['password '];
if (preg_match("#.*^(?=.{8,20})(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*W).*$#", $password )){
echo "Your password is strong.";
} else {
echo "Your password is not safe.";
}

 
You may use "d" instead of "[a-z]" and "W" instead of non-word characters, symbols. You can make a manual list of most used symbols like [#.-_,$%&!]. Remember most consumers don’t enjoy passwords with symbols, you can exclude emblem check for. Just check letters, duration, caps, and numbers.
 

$password= $_POST['password'];
if (preg_match("#.*^(?=.{8,20})(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9]).*$#", $password)){
echo "Your password is good.";
} else {
echo "Your password is bad.";
}
techsupport
Author

techsupport