-2

For setting the Password complexity in .Net MVC web application, how can I achieve the following rules:

1) Password must not contain significant portions (three or more contiguous characters) of the name. (this point is not available in that linked post)

2) At least three of the following four categories:

  • English uppercase characters (A through Z)
  • English lowercase characters (a through z)
  • Base 10 digits (0 through 9)
  • Non-alphabetic characters: ~!@#$%^&*;?+_

I would like to achieve this using javascript/jquery.

Thanks

Improve this question
9
  • 3
    Why javascript? You can do this better with annotations in ASP.NET MVC Commented Apr 17, 2017 at 7:05
  • Wouldn't a minimum length be more useful than the characters from each category concept? What is "name"? The user's name? Commented Apr 17, 2017 at 7:05
  • @MacakM- how ? can you please explain ? Commented Apr 17, 2017 at 7:06
  • @nnnnnn- password should be minimum 8 characters in length and maximum 10 characters. Commented Apr 17, 2017 at 7:07
  • Possible duplicate of jQuery Validate plugin - password check - minimum requirements - Regex Commented Apr 17, 2017 at 7:08

1 Answer 1

Reset to default
0

It is not good to use javascript for this purpose (it can be bypassed). Better solution is to use ASP.NET MVC Data Annotations. With them you can set attributes to your model class and when is POST operation triggered, it will validate the input based on this attributes.

You can learn more here: https://learn.microsoft.com/en-us/aspnet/mvc/overview/older-versions-1/models-data/validation-with-the-data-annotation-validators-cs

You can also write your custom validation attribute based on your needs. In your case I think the [RegularExpression] attribute would be sufficient for 2).

For 1) you should make your custom attribute as is shown in here: http://www.c-sharpcorner.com/UploadFile/rahul4_saxena/mvc-4-custom-validation-data-annotation-attribute/

Improve this answer
Sign up to request clarification or add additional context in comments.

6 Comments

@MacakM- do you think that i can achieve my 1st point through this [RegularExpression] attribute ??
I am not sure if I understand that point... does it mean that password for user MacakM can't be aca5842?
for e.g: name=MacakM, so password cant have any of the 3 continuos characters from the name 'MacakM'. Like valid password = Ab1@h2s5. Invalid password = AbMac5s because it has 'Mac' of name.
Yes, then you should use your custom attribute as I wrote in answer. You simply write there what you want to validate and return true/false :)
Thanks for the responses, I will take a look at the suggestions and see if I can get them working :)
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.