1

I have added a regex which will check for least 8 characters, at least one number, one uppercase letter, one lowercase letter and one special character This is the regex Used

'(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[$@$!%*?&])[A-Za-zd$@$!%*?&].{8,}'

The above regex works fine for most of the scenarios but when I use

1oB!gb0s5

or 

Pass@123

It fails. Can anyone tell me the issue here.

Thejas
  • 379
  • 5
  • 24
  • 1
    Possible duplicate of: https://stackoverflow.com/questions/19605150/regex-for-password-must-contain-at-least-eight-characters-at-least-one-number-a – Jacopo Sciampi Dec 17 '18 at 13:37
  • You might find [Reference - Password Validation](https://stackoverflow.com/q/48345922/3600709) useful. – ctwheels Mar 27 '19 at 15:27

1 Answers1

1

Here is the portion of your regex which actually consumes the input:

[A-Za-zd$@$!%*?&].{8,}

This means that the password must start with one of the characters in the above character class. It also means that a valid password must have nine or more characters, because the class counts for one, and {8,} means 8 or more. So the following would fail because it does not begin with any such character:

1oB!gb0s5

The second example you gave fails for a different reason, because it only has 8 characters:

Pass@123

I don't know exactly what logic you want here. If you just want to ensure that a password has a lowercase, uppercase, number, and special character, then maybe you can remove the leading character class and just stick with the lookaheads:

(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[$@$!%*?&]).{8,}

Here is a demo which shows that your two example passwords would pass using the above pattern.

Demo

Tim Biegeleisen
  • 502,043
  • 27
  • 286
  • 360