-3

i want to validate password in c programming with below rules.

  • at least one uppercase word

  • at least one lowercase word

  • at least one number

  • at least one symbol (!@#$%^&*)

  • length: 8 - 32

how can I do that with regex or without it?

user3693951
  • 39
  • 9
  • 2
    So what have you tried? Got some code for us to look at? – Joe Sep 01 '14 at 08:29
  • You might have a loop and use macros like [isalpha(3)](http://man7.org/linux/man-pages/man3/isalpha.3.html); is the input UTF-8? – Basile Starynkevitch Sep 01 '14 at 08:33
  • I tried (regcomp(&re,"^(?=(.*\d))(?=.*[a-z])(?=.*[A-Z])(?=.*[!@#$%^&*]).{8,32}$", REG_EXTENDED) != 0) but it generates error code 1. – user3693951 Sep 01 '14 at 08:34
  • 2
    As an aside, I think rules like this are annoying. They force people to invent hard-to-remember passwords or doing simple substitution of letters with similar digits / symbols, which hardly adds any security. The only rule I can fully agree with here is the lower length limit. Meanwhile, the upper limit of 32 characters could limit some people who want to use passphrases or [xkcd-style passwords](http://xkcd.com/936/) - what's the reason for that one? – Medo42 Sep 01 '14 at 08:37
  • This is an important password, not a regular password for a user. So I need a secure password. – user3693951 Sep 01 '14 at 08:44
  • @Medo42 +1 For the XKCD reference. Definitely the way forward! :-) – Joe Sep 01 '14 at 08:48
  • 1
    My point is that these rules don't do much to enforce the security of the password. Your rules would accept "P4$sw0rd" but reject "a4nGL5eqHBjecY2U2Bai" or "twenty fear express importance" which are both much safer, and the latter has the advantage of being much easier to remember, too. – Medo42 Sep 01 '14 at 08:54
  • If it is a duplicate question, please show me the answer! – user3693951 Sep 02 '14 at 05:19
  • It is linked at the top of your question. The part that says "This question already has an answer here:" in bold letters. – Medo42 Sep 02 '14 at 10:59

1 Answers1

0

You could try the below regex to satisfy all of your requirements,

^(?=.{8,32}$)(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[(!@#$%^&*)]).*

DEMO

^(?=.{8,32}$)         -      length: 8 - 32
(?=.*?[A-Z])          -      at-least one uppercase letter.
(?=.*?[a-z])          -      at-least one lowercase letter.
(?=.*?[0-9])          -      at-least one number.
(?=.*?[(!@#$%^&*)])   -      at-least one symbol present inside the character class.
.*                    -      Match any character zero or more times only if all the above 5 conditions are true.
Avinash Raj
  • 172,303
  • 28
  • 230
  • 274