3

I want the program to do 2 things:

  1. Check if the string(password input) contains both letters and numbers.
  2. Check if the password has atleast 8 characters.

Here is my code:

import java.util.*;
class howstrong
{
  public static void main(String ar[])
  {
    String password;
    int i;
    int c=0;
    Scanner in = new Scanner(System.in);
    System.out.println("ENTER PASSWORD");
    password = in.next();
    if (password.length() <= 8)
    {
      for (i = 0; i <= password.length(); i++)
      {
        char x = password.charAt(i);
        if (Character.isLetter(x))
        {
          if (Character.isDigit(x))
          c = 1;
        }
      }
      if (c == 1)
        System.out.println("STRONG");
      else 
        System.out.println("NOT STRONG");
    }
    else
      System.out.println("HAVE AT LEAST 8 CHARACTERS");
  }
}
Julien Lopez
  • 1,794
  • 5
  • 18
  • 24
shreydan
  • 45
  • 1
  • 1
  • 8
  • formatted! Please take a look at the code! – shreydan May 26 '16 at 07:27
  • Do you have a specific issue or error? – Andrew Mortimer May 26 '16 at 07:34
  • @AndrewMortimer The first issue is when I type password longer than 8 characters, it gives me: String Index out of range error and normally without the 8 character limit statement, it always gave me not strong output. – shreydan May 26 '16 at 07:38
  • Replace your loop condition `i = 0; i <= password.length(); i++` for this one: `i = 0; i < password.length(); i++` . For the last iteration, you get a IndexOutofBoundException. Password.charAt(password.length()) is not a valid index. – David SN May 26 '16 at 07:41
  • @DavidSN Thank You. Now the check if String has 8 characters is working. Still stuck with the 1st condition(see question). – shreydan May 26 '16 at 07:44

4 Answers4

5

You have several issues :

i <= password.length() should be i < password.length()

if (password.length() <= 8) should be if (password.length() >= 8)

You are checking if the character is a letter and a digit at the same time.

Finally, I'd suggest to use two flags, one to detect if there is a letter, another one to detect if there is a digit .

Putting it all together :

import java.util.Scanner;

class howstrong {
    public static void main(final String ar[]) {
        String password;
        Scanner in = new Scanner(System.in);
        System.out.println("ENTER PASSWORD");
        password = in.next();

        boolean hasLetter = false;
        boolean hasDigit = false;

        if (password.length() >= 8) {
            for (int i = 0; i < password.length(); i++) {
                char x = password.charAt(i);
                if (Character.isLetter(x)) {

                    hasLetter = true;
                }

                else if (Character.isDigit(x)) {

                    hasDigit = true;
                }

                // no need to check further, break the loop
                if(hasLetter && hasDigit){

                    break;
                }

            }
            if (hasLetter && hasDigit) {
                System.out.println("STRONG");
            } else {
                System.out.println("NOT STRONG");
            }
        } else {
            System.out.println("HAVE AT LEAST 8 CHARACTERS");
        }
    }
}
Arnaud
  • 17,229
  • 3
  • 31
  • 44
  • Thank You very much for the answer. I was using c=1 as a flag, but it didn't work as pointed out by Julien Lopez. Thanks for the answer! – shreydan May 26 '16 at 07:47
3

there is a Regex expression that you could use to check password strength. You could add a validation method that checks if the password matches the expression: So you call the method in your code like this:

   password = in.next();

   if(isStrong(password){
      //good password, do stuff
    }
   else{
        //not so good, prompt again
   }

And the method looks like this:

private boolean isStrong(String password){
    return password.matches("^(?=.*[A-Z].*[A-Z])(?=.*[!@#$&*])(?=.*[0-9].*[0-9])(?=.*[a-z].*[a-z].*[a-z])");

  }

Below is a regex which you can use to check password strength. 

^(?=.*[A-Z].*[A-Z])(?=.*[!@#$&*])(?=.*[0-9].*[0-9])(?=.*[a-z].*[a-z].*[a-z]).{8}$

You can look at the original post and selected answer here.

Community
  • 1
  • 1
ishmaelMakitla
  • 3,784
  • 3
  • 26
  • 32
0

In your loop, you check if your character is a letter and a digit. So c will never be set to 1. I suggest you learn to use a debugger, it will help you solve this kind of bugs easily.

Julien Lopez
  • 1,794
  • 5
  • 18
  • 24
0

I don't know, because it not specified, if your need it just for exercise or you need to implements in a real world application.

In the second case, I suggest you to use an existing library to check if a password is strong enough.

Check zxcvbn Java version on github, that is a porting of a library provided by Dropbox.

xcesco
  • 4,690
  • 4
  • 34
  • 65