[Omaha.pm] One-liner regexp to check for password strength...
Jay Hannah
jay at jays.net
Thu Jul 14 19:10:14 PDT 2005
?? I was going through the archive and my Inbox and no one replied to
this? I thought I did? hmmm... oh well, take2? -grin-
On Jun 15, 2005, at 23:26, Daniel Linder wrote:
> I'm looking for a Perl one-liner regexp that will check a given
> password
> string to see if it meets a 'strength' requiement.
>
> The tests are:
> 1: Length >= 6 characters
> 2a: Contains number(s) (0-9)
> 2b: Contains lowercase letter(s) (a-z)
> 2c: Contains uppercase letter(s) (A-Z)
> 2d: Contains symbol character(s) (!@#$%^&*()-=_+`~\|":;<>,.?/ ... etc)
>
> A password is good if it meets rule #1 and three of the four in #2.
Wow. I don't think you'll get a one liner to do all that. Not a
readable one anyway.
> At first glance a check such as /[a-z]+[A-Z]+[0-9]+/ could be a start,
> but
> it requires that the order of the lower case characters be before any
> upper-case characters or numbers, plus it ignores the length
> requirement.
>
> I've pretty much given up on a one-liner and this is the closest I can
> come up with (ugly):
>
> #!/usr/bin/perl
>
> $PASSWD=shift;
>
> $LEN = length($PASSWD);
> printf ("LEN: $LEN\n");
>
> $NumDigits = ($PASSWD =~ tr/[0-9]*//);
> printf ("NumDigits: $NumDigits\n");
>
> $NumUpperCase = ($PASSWD =~ tr/[A-Z]*//);
> printf ("NumUpperCase: $NumUpperCase\n");
>
> $NumLowerCase = ($PASSWD =~ tr/[a-z]*//);
> printf ("NumLowerCase: $NumLowerCase\n");
>
> $NumSpecial = ($PASSWD =~
> tr/[\!\@\#\$\%\^\&\*\(\)\_\+\-\=\{\}\[\]\\\|;\':\"\,\.\/\<\>\?\~\`]*/
> /);
> printf ("NumSpecial: $NumSpecial\n");
>
> if ( ( $LEN >= 6 )
> and
> ( ($NumDigits?1:0) + ($NumUpperCase?1:0) + ($NumLowerCase?1:0) +
> ($NumSpecial?1:0) >= 3 )
> ) {
> printf ("Password \"%s\" passed.\n", $PASSWD);
> }
>
> Dan
Looks good to me! Maybe it could be cleaner? Something like this? (Not
tested.)
#!/usr/bin/perl
$_ = shift;
$points++ if (/[0-9]/);
$points++ if (/[A-Z]/);
$points++ if (/[a-z]/);
$points++ if
(/[\!\@\#\$\%\^\&\*\(\)\_\+\-\=\{\}\[\]\\\|;\':\"\,\.\/\<\>\?\~\`]/);
die "Failed" unless (length($_) >=6 and $points >=3);
print "Yay! $_ passed!\n";
Good/bad? HTH,
j
More information about the Omaha-pm
mailing list