I've built a regex pattern to check the strength of passwords:
(?=^.{8,15}$)((?=.*\d)(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[^A-Za-z0-9])(?=.*[a-z])|(?=.*[^A-Za-z0-9])(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[A-Z])(?=.*[^A-Za-z0-9]))^.*
It forces the user to use a password which characters originate from at least 3 of the 4 following categories:
- at least 1 upper case character
- at least 1 lower case character
- at least 1 numerical character
- at least 1 special character / symbol
Note: It also enforces a min and max length {8,15}
The pattern works fine on a server side PHP script and I've also tested it with multiple javascript Regex-tester-tools (e.g. http://www.regular-expressions.info/javascriptexample.html). Everything looks perfect so far...
BUT, if I'm using it inside of a simple Extjs textfield validator, the validator only returns TRUE, if I'm using all 4 categories.
validator: function (value) {
var pattern =
'(?=^.{8,15}$)'+
'((?=.*\d)(?=.*[A-Z])(?=.*[a-z])|' +
'(?=.*\d)(?=.*[^A-Za-z0-9])(?=.*[a-z])|' +
'(?=.*[^A-Za-z0-9])(?=.*[A-Z])(?=.*[a-z])|' +
'(?=.*\d)(?=.*[A-Z])(?=.*[^A-Za-z0-9]))^.*';
if (value.match(pattern)) {
return true;
} else {
return this.i18n.invalidPassword;
}
}
And now, I'm running out of ideas...
You're setting up the pattern incorrectly:
var pattern = new RegExp(
'(?=^.{8,15}$)'+
'((?=.*\\d)(?=.*[A-Z])(?=.*[a-z])|' +
'(?=.*\\d)(?=.*[^A-Za-z0-9])(?=.*[a-z])|' +
'(?=.*[^A-Za-z0-9])(?=.*[A-Z])(?=.*[a-z])|' +
'(?=.*\\d)(?=.*[A-Z])(?=.*[^A-Za-z0-9]))^.*'
);
Note the \\ instead of \. If you don't do that, the \ will be gone by the time the regular expression code gets to it. You could alternatively use native regex syntax, but there's no way to break that up across multiple lines.
edit — specifically, the \\ before the \d occurrences in your regex. If you don't double the backslash, then the regular expression will just see a lower-case "d".