Does password meet password requirement?

Question

User546194788 posted

I used code below to generate a random password.

How to code a function or sub to check if the password user input is met password requirement?

Public Function GetPassword(Optional ByVal Len As Integer = 6) As String

If Len < 6 Then
MsgBox("Minimum password length is 6 characters", MsgBoxStyle.OkOnly, "Minimum Length Reset")
Len = 6
End If

Dim pass As String = String.Empty

Dim nums As String() = "2 3 4 5 6 7 8 9".Split(" ") 'Omit 1 & 0
Dim lettU As String() = "A B C D E F G H J K L M N P Q R S T U V W X Y Z".Split(" ") 'Omit i,I,o & O
Dim lettL As String() = "A B C D E F G H J K M N P Q R S T U V W X Y Z".ToLower.Split(" ") 'Omit i,I,l, L,o & O
Dim chars As String() = "(-) @ # $ % * {-} [-] - _ ^ < > + = ~ /\".Split(" ") 'omit ? / \ ( ) ' " . , ; : &

Dim passRan() As Array = {nums, lettU, lettL, chars}

Dim min As Integer = 0
Dim max As Integer = passRan.Length 'this will include the length
Dim rnd As Integer = 0

Dim sb As New List(Of String)

For l As Integer = 0 To Len - passRan.Length - 1
'select the set to pick from ensuring you have a character from each set
If l = 0 Then
For p As Integer = 0 To passRan.Length - 1
'pick a random position in the selected set
max = passRan(p).Length
rnd = GetRandom(min, max)
sb.Add(passRan(p)(rnd))
Next
End If

'select the set to pick from by random
max = passRan.Length
rnd = GetRandom(min, max)
For p As Integer = 0 To passRan.Length - 1
'pick a random position in the selected set
If p = rnd Then
max = passRan(p).Length
rnd = GetRandom(min, max)
sb.Add(passRan(p)(rnd))
Exit For
End If
Next
Next

'shuffle the result
Dim R As New List(Of String)
R = sb.ToList
For Int As Integer = 0 To Len - 1
Dim curr As Integer = GetRandom(min, R.Count)
pass &= R(curr)
R.RemoveAt(curr)
Next

Return pass

End Function

 

Answer 1

User288213138 posted

Hi aspfun,

Based on your description, you can try using regular expressions to validate that the passwords you generate meet the requirements.

The code:

Protected Sub Button1_Click(ByVal sender As Object, ByVal e As EventArgs)
    Dim reg As Regex = New Regex("^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]{6,}$")
    Dim a As String = TextBox1.Text

    If reg.IsMatch(a) Then
        Response.Write("Meet the requirements")
    Else
        Response.Write("not Meet the requirements")
    End If
End Sub

The regular expressions represent : Minimum 6characters, at least one uppercase letter, one lowercase letter, one number and one special character.

Best regards,

Sam

Answer 2

User546194788 posted

But, regular expressions are not the same as my filters.

For example, my code 

Omit i,I,o & O

Answer 3

User753101303 posted

Hi,

ASP.NET identity uses something such as https://github.com/aspnet/AspNetIdentity/blob/master/src/Microsoft.AspNet.Identity.Core/PasswordValidator.cs

(you could even consider starting to use ASP.NET Identity even if just password validation for now ?)

As a side note AFAIK password generation is not done much any more as most users would likely changed the password to something else anyway.

Edit: if you really want to prevent using some characters in a password (I understand it is best for a generated password but IMO it should NOT be part of your rules) you could use a similar approach and count how many chars you have from each list and from not any list and then check those counts ie all password characters are really supposed to be in one of your list ?).