locked
Does password meet password requirement? RRS feed

  • Question

  • User546194788 posted

    I used code below to generate a random password.

    How to code a function or sub to check if the password user input is met password requirement?

    Public Function GetPassword(Optional ByVal Len As Integer = 6) As String

    If Len < 6 Then
    MsgBox("Minimum password length is 6 characters", MsgBoxStyle.OkOnly, "Minimum Length Reset")
    Len = 6
    End If

    Dim pass As String = String.Empty

    Dim nums As String() = "2 3 4 5 6 7 8 9".Split(" ") 'Omit 1 & 0
    Dim lettU As String() = "A B C D E F G H J K L M N P Q R S T U V W X Y Z".Split(" ") 'Omit i,I,o & O
    Dim lettL As String() = "A B C D E F G H J K M N P Q R S T U V W X Y Z".ToLower.Split(" ") 'Omit i,I,l, L,o & O
    Dim chars As String() = "(-) @ # $ % * {-} [-] - _ ^ < > + = ~ /\".Split(" ") 'omit ? / \ ( ) ' " . , ; : &

    Dim passRan() As Array = {nums, lettU, lettL, chars}

    Dim min As Integer = 0
    Dim max As Integer = passRan.Length 'this will include the length
    Dim rnd As Integer = 0

    Dim sb As New List(Of String)

    For l As Integer = 0 To Len - passRan.Length - 1
    'select the set to pick from ensuring you have a character from each set
    If l = 0 Then
    For p As Integer = 0 To passRan.Length - 1
    'pick a random position in the selected set
    max = passRan(p).Length
    rnd = GetRandom(min, max)
    sb.Add(passRan(p)(rnd))
    Next
    End If

    'select the set to pick from by random
    max = passRan.Length
    rnd = GetRandom(min, max)
    For p As Integer = 0 To passRan.Length - 1
    'pick a random position in the selected set
    If p = rnd Then
    max = passRan(p).Length
    rnd = GetRandom(min, max)
    sb.Add(passRan(p)(rnd))
    Exit For
    End If
    Next
    Next

    'shuffle the result
    Dim R As New List(Of String)
    R = sb.ToList
    For Int As Integer = 0 To Len - 1
    Dim curr As Integer = GetRandom(min, R.Count)
    pass &= R(curr)
    R.RemoveAt(curr)
    Next

    Return pass

    End Function

     

    Tuesday, July 30, 2019 7:46 PM

All replies

  • User288213138 posted

    Hi aspfun,

    Based on your description, you can try using regular expressions to validate that the passwords you generate meet the requirements.

    The code:

    Protected Sub Button1_Click(ByVal sender As Object, ByVal e As EventArgs)
        Dim reg As Regex = New Regex("^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]{6,}$")
        Dim a As String = TextBox1.Text
    
        If reg.IsMatch(a) Then
            Response.Write("Meet the requirements")
        Else
            Response.Write("not Meet the requirements")
        End If
    End Sub

    The regular expressions represent : Minimum 6characters, at least one uppercase letter, one lowercase letter, one number and one special character.

    Best regards,

    Sam

    Wednesday, July 31, 2019 6:53 AM
  • User546194788 posted

    But, regular expressions are not the same as my filters.

    For example, my code 

    Omit i,I,o & O

    Wednesday, July 31, 2019 12:56 PM
  • User753101303 posted

    Hi,

    ASP.NET identity uses something such as https://github.com/aspnet/AspNetIdentity/blob/master/src/Microsoft.AspNet.Identity.Core/PasswordValidator.cs

    (you could even consider starting to use ASP.NET Identity even if just password validation for now ?)

    As a side note AFAIK password generation is not done much any more as most users would likely changed the password to something else anyway.

    Edit: if you really want to prevent using some characters in a password (I understand it is best for a generated password but IMO it should NOT be part of your rules) you could use a similar approach and count how many chars you have from each list and from not any list and then check those counts ie all password characters are really supposed to be in one of your list ?).

    Wednesday, July 31, 2019 1:19 PM