2

I'm using the ASP.NET Membership property for authentication on my ASP.NET website. I want the passwords to be pretty secure. I want them to be 7 digits long, containing a letter, number, and a special character.

I found this to be added to the web.config

passwordStrengthRegularExpression=" @\"(?=.{6,})(?=(.*\d){1,})(?=(.*\W){1,})"

However, when I add this to my Membership profile, I get the following error:

Name cannot begin with the '(' character, hexadecimal value 0x28. Line 26, position 445.

So it looks like it's not seeing the escape character after the @ symbol, and it's trying to use that quote to end the tag. Any idea what I'm doing wrong?

Lastly, how would I modify this to also require a lower case letter and an upper case letter?

Improve this question

4 Answers 4

Reset to default
3

Try with this:

ValidationExpression="(?=^.{7,51}$)([A-Za-z]{1})([A-Za-z0-9!@#$%_\^\&\*\-\.\?]{5,49})$"

Here you can find lot of samples

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Don't believe that will work, as it will match against helloth
3

If you are trying to escape the " and this is in your web.config file, you need to do ", that is the proper quote entity for xml. As for the regex you want, try this

^(?=[a-z]+)(?=.*?\d+)(?=.*?[`~!@#$%^&*\(\)\-_}{\]\[=+\\|]+).{7,}$

Will match against the following items in bold

  • helloth
  • hellot
  • hell0th
  • hell0Th
  • he!l0th
  • he!l0Th
  • he!l0Th3534534
  • he!l0Thdggfsg

You can add (?=.*?[A-Z]+) if you also want to require at least one upper case letter, and make it only match the last 3. Finally, you can modify the following block from the regex above to include only the special chars you want to allow.

[`~!@#$%^&*\(\)\-_}{\]\[=+\\|]
Improve this answer

Comments

1

Instead of dealing with an expression no one understands, use three (or more). There following is some pseudo code for this idea:

abort('to short') if password.length < 8
abort('at least one letter') if password !~ /[a-z]/i
abort('at least two digits') if password !~ /[0-9].*[0-9]/
abort('at least one special character') if password !~ /[!@#$%^\*-=\+\?]/
Improve this answer

Comments

-1

'Added by Itrend solutions -Password Validation

Create a method and pass your text to validate the password strength .. Dim password AsString password = Trim(txtnewpassword.Text)

DimSmallCharacter() AsString = {"a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z"} DimsmallchacountAsInteger = 0 ForEachsmallchaAsStringInSmallCharacter If (password.Contains(smallcha)) Then smallchacount = smallchacount + 1 EndIf Next Ifsmallchacount<= 0 Then MessageBox("Password Must Contain One Alphabet Character") Exit Sub EndIf

Dim Numbers() AsString = {"0", "1", "2", "3", "4", "5", "6", "7", "8", "9"} DimnumbercountAsInteger = 0 ForEachnumAsStringIn Numbers If (password.Contains(num)) Then numbercount = numbercount + 1 EndIf Next Ifnumbercount<= 0 Then MessageBox("Password Must Contain One Numeric Digit") Exit Sub EndIf

DimSpecial() AsString = {"@", "#", "$", "%", "^", "&", "*", "(", ")", "!"} DimcountSpecialAsInteger = 0 ForEach spec AsStringIn Special If (password.Contains(spec)) Then countSpecial = countSpecial + 1 EndIf Next IfcountSpecial<= 0 Then MessageBox("Password Must Contain One Special Character") Exit Sub

for More clarification please contact us

Improve this answer

2 Comments

ya its working fine to validate the password strength in vb.net
Very broken formatting, please edit.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.