[Omaha.pm] One-liner regexp to check for password strength...

Jay Hannah jay at jays.net
Thu Jul 14 19:10:14 PDT 2005 

?? I was going through the archive and my Inbox and no one replied to  
this? I thought I did? hmmm... oh well, take2? -grin-

On Jun 15, 2005, at 23:26, Daniel Linder wrote:
> I'm looking for a Perl one-liner regexp that will check a given  
> password
> string to see if it meets a 'strength' requiement.
>
> The tests are:
> 1:  Length >= 6 characters
> 2a: Contains number(s) (0-9)
> 2b: Contains lowercase letter(s) (a-z)
> 2c: Contains uppercase letter(s) (A-Z)
> 2d: Contains symbol character(s) (!@#$%^&*()-=_+`~\|":;<>,.?/ ... etc)
>
> A password is good if it meets rule #1 and three of the four in #2.

Wow. I don't think you'll get a one liner to do all that. Not a  
readable one anyway.

> At first glance a check such as /[a-z]+[A-Z]+[0-9]+/ could be a start,  
> but
> it requires that the order of the lower case characters be before any
> upper-case characters or numbers, plus it ignores the length  
> requirement.
>
> I've pretty much given up on a one-liner and this is the closest I can
> come up with (ugly):
>
> #!/usr/bin/perl
>
> $PASSWD=shift;
>
> $LEN = length($PASSWD);
> printf ("LEN: $LEN\n");
>
> $NumDigits = ($PASSWD =~ tr/[0-9]*//);
> printf ("NumDigits: $NumDigits\n");
>
> $NumUpperCase = ($PASSWD =~ tr/[A-Z]*//);
> printf ("NumUpperCase: $NumUpperCase\n");
>
> $NumLowerCase = ($PASSWD =~ tr/[a-z]*//);
> printf ("NumLowerCase: $NumLowerCase\n");
>
> $NumSpecial   = ($PASSWD =~
> tr/[\!\@\#\$\%\^\&\*\(\)\_\+\-\=\{\}\[\]\\\|;\':\"\,\.\/\<\>\?\~\`]*/ 
> /);
> printf ("NumSpecial: $NumSpecial\n");
>
> if ( ( $LEN >= 6 )
>      and
>      ( ($NumDigits?1:0) + ($NumUpperCase?1:0) + ($NumLowerCase?1:0) +
> ($NumSpecial?1:0) >= 3 )
>    ) {
>         printf ("Password \"%s\" passed.\n", $PASSWD);
> }
>
> Dan

Looks good to me! Maybe it could be cleaner? Something like this? (Not  
tested.)

#!/usr/bin/perl
$_ = shift;
$points++ if (/[0-9]/);
$points++ if (/[A-Z]/);
$points++ if (/[a-z]/);
$points++ if  
(/[\!\@\#\$\%\^\&\*\(\)\_\+\-\=\{\}\[\]\\\|;\':\"\,\.\/\<\>\?\~\`]/);
die "Failed" unless (length($_) >=6 and $points >=3);
print "Yay! $_ passed!\n";

Good/bad? HTH,

j

More information about the Omaha-pm mailing list