Is it possible to simplify this password regex?

Question

I just answered another Regex question here.

jQuery method to validate a password with specific rules

The objective is to create a regex that takes the following

1 or more uppercase characters
1 or more lowercase characters
1 digit or special character - i.e. !@#$%^&*()-=, etc.
Length has to be at least 7 characters

I found a nifty solution for the special characters with \W that matches non-word characters. That should match the special characters.

But I was wondering if this solution could be dried up to not require multiple conditionals. My original solution was in one line

$.validator.addMethod("pwcheck", function(value) {
    return /[A-Z]+[a-z]+[\d\W]+/.test(value)
});

This matches the first three conditions but there was one problem. It only matches in that exact order. That means the lowercase must follow the uppercase and so on. While examples like this passed

AGHjfd8437

Others failed like this

agTF8djRd4

I had to modify my solution to pass tests like this. This is what I came up with.

$.validator.addMethod("pwcheck", function(value) {
    return /[A-Z]+/.test(value) && /[a-z]+/.test(value) && 
    /[\d\W]+/.test(value) && /\S{7,}/.test(value);
});

But I was wondering if this could be combined to just one Regex. And if so, would it be cleaner looking than the second?

FWIW, I think your existing code is clearer than the proposed solution that puts it all in one regex. So, it depends upon your personal coding objective which is better. I prioritize ease of maintenance and clarity to all who might come after to read this code over brevity myself. — jfriend00, Oct 09 '15 at 17:30
Wouldn't it be better to have separate checks to say why the password failed? I hate when sites go "password invalid" and I do not know why from their 100 things that need to be in it. — epascarello, Oct 09 '15 at 17:31
[Google - site:stackoverflow.com javascript regex password](https://www.google.com/search?num=50&q=site%3Astackoverflow.com+javascript+regex+password&oq=site%3Astackoverflow.com+javascript+regex+password) — , Oct 09 '15 at 17:36
I agree with the above comments. I don't know why people feel so compelled to get everything into a single regex. I'd much rather make a simple parser and like @epascarello said, give the reason(s) why it failed. — , Oct 09 '15 at 17:39
Seriously, why was this downvoted? This question is much better than a lot of the other trash questions that are posted? — Richard Hamilton, Oct 09 '15 at 17:45
Refer http://stackoverflow.com/questions/19605150/regex-for-password-must-be-contain-at-least-8-characters-least-1-number-and-bot which has an assortment of variations — Sean, Aug 30 '16 at 15:08

score 6 · Accepted Answer · 2015-10-09T17:25:46.933

6

You can use positive lookaheads (?=..):

/^(?=.*[A-Z])(?=.*[a-z])(?=.*[\d\W]).{7,}$/

Each positive lookahead will take sure exists in any position your specified character. And the final .{7,} will match at least seven characters. From start ^ till the end $.

Hope it helps.

edited Oct 09 '15 at 17:25

answered Oct 09 '15 at 17:22

lookaheads are underused IMO. I need to do a better job of using them myself – David Oct 09 '15 at 17:30
Lookarounds are a nice solution. – Richard Hamilton Oct 09 '15 at 17:30

Is it possible to simplify this password regex?

1 Answers1