regex for minimum 8 character,beside letters add number or symbol or both

Question

Examples which should Satisfy: test@1234 (accept) TestTo^12 (accept) test!5655(accept) Test!@$&(accept) testtesttest(should not accept) Beside Letter i want atleast one number or symbol.If both is available that is fine.

Answer 1

Updated with a one-regex solution:

Because any character could be the one that is non-alphabetic, testing for 8 characters and ensuring that at least one of them isn't alphabetic simultaneously requires a bit more complex regular expression. The "dumb and straight-forward" solution is to use a lot of "OR" operations for the 8 possibilities:

• The first character is not alphabetic
• The second character is not alphabetic
• The third character is not alphabetic
• ...

It would look like so:

var myRegex = /([^A-Za-z].{7})|(.[^A-Za-z].{6})|(.{2}[^A-Za-z].{5})|(.{3}[^A-Za-z].{4})|(.{4}[^A-Za-z].{3})|(.{5}[^A-Za-z].{2})|(.{6}[^A-Za-z].)|(.{7}[^A-Za-z])/

A smarter solution uses Regular Expression look-ahead operations. We basically match an empty string followed by 8 characters, so long as that empty string is followed by a pattern that contains (anywhere within it) a non-alphabetic character:

var myRegex = /(?=.*[^A-Za-z]).{8}/;

Look-aheads can make regular expessions more difficult to understand and debug, so it's sometimes better to rephrase the problem as a multi-part check (e.g. first check for 8 characters, then check for a non-alphabetic character). Thus, my original answer:

Original (and still totally valid):

It may not be the preferred solution, but this would probably be easiest to solve with two regular expressions:

var myValue = "testtesttest";
if (
    /.{8}/.test(myValue) &&
    /[^A-Za-z]/.test(myValue)
)
{
    // At least 8 characters and contains one non-alphabetic character
}
else
{
    // One of the two tests failed
}

Of course /.{8}/.test(myValue) is just myValue.length >= 8 which runs a lot faster and is easier to read:

if (
    myValue.length >= 8 &&
    /[^A-Za-z]/.test(myValue)
)
...

A note on password security:

Complex passwords are not secure passwords

Let me reiterate:

Complex passwords are not secure passwords

When a password is complex, people can't remember it. Because they can't remember it they either have to use a password management tool (if they're smart) or, more likely, they write it down on a post-it note. But it gets worse. When you require symbols and numbers it becomes hard to type a password, so people often make them as short as possible. You limit it to 8 characters? Their password will be 8 characters. But it gets worse. Many people, to make passwords more memorable, follow some pattern like:

• Take a word and tack on a number ("honeybee326")
• Take a word and replace some letters with symbols ("unf@th0m@ble")
• Take a word and tack on a symbol ("mypassword!")

People trying to guess a password don't need to try every possible combination of letters, numbers, and symbols. They just need to try these patterns. This greatly reduces the time it takes to crack passwords.

Any security expert who actually knows their stuff will tell you: the secret to a strong password is a long password. This means:

Hello my name is Steven and I like security

is 99999999x more secure than:

8j3@vk;8]

Instead of testing for symbols or numbers, I recommend just putting a large length requirement (something like 15 characters) if you want to really keep people secure. Or, just tell them what you recommend and let them do what they feel is best (if they choose a bad passwords, only they suffer the consequences). Unless this is an admin password, in which case enforce a massive length.