我正在使用密码检查器,我需要一些帮助。如果可能的话,我需要将检查器设置为"逼真的"尽可能。这意味着它需要实际注册密码并进行对话。我设法得到了一些指导:密码需要8-12个字符,1个数字,1个特殊字符和大写字母。我无法将密码存储到数据库中,并且不允许连续两个相同的字符(例如aa)
import java.util.Scanner;
public class passworChk{
public static void main(String[] args) {
// TODO Auto-generated method stub
int min =8;
int max=12;
int digit=0;
int special=0;
int upCount=0;
int loCount=0;
int count=0;
String password;
String decision;
Scanner scan = new Scanner(System.in);
System.out.println("Enter Your Password: ");
password = scan.nextLine();
//Sees if the Password is okay
if(count <= 0){
System.out.println("No password registered. would you like to register a new password? Enter yes or no.");
decision = scan.nextLine();
if(decision.length() == 3){
System.out.println("Enter Your Password: ");
password = scan.nextLine();
count++;
}
else if(decision.length() == 2){
System.out.println("Goodbye");
System.exit(0);
}
}
if(count >= 0){
if(password.length()>=min&&password.length()<=max){
for(int i =0;i<password.length();i++){
char c = password.charAt(i);
//This code goes through the 'password' String and registers it through counts.
if(Character.isUpperCase(c)){
upCount++;
}
if(Character.isLowerCase(c)){
loCount++;
}
if(Character.isDigit(c)){
digit++;
}
if(password.contains("&") || password.contains("!") || password.contains("@") || password.contains("#") || password.contains("$") || password.contains("*") || password.contains("%") || password.contains("?")){
special++;
}
}//If all the counts are in the correct ranges, the password is acceptable.
if(special>=1&&loCount>=1&&upCount>=1&&digit>=1){
System.out.println("Your Password is acceptable.");
}
}
if(password.length()<min){
for(int i =0;i<password.length();i++){
char c = password.charAt(i);
if(Character.isLowerCase(c)){
loCount++;
}
}
if(loCount>0){
System.out.println("Your Password must be at least "+min+" characters.");
System.out.println(" You need at least one upper case chracter,");
System.out.println(" You need at least one digit.");
System.out.println(" You need at least one special chracter.");
}
}
else if(password.length()<min&&upCount>1){
for(int i =0;i<password.length();i++){
char c =password.charAt(i);
if(Character.isLowerCase(c)){
loCount++;
}
if(Character.isUpperCase(c)){
upCount++;
}
}
if(loCount>0&&upCount>0){
System.out.println(" Password must be at least "+min+" chracters:");
System.out.println(" You need at least one digit:");
System.out.println(" You need at least one special chracter:");
}
}
if(password.length()>max||password.length()>=max&&upCount>1&&loCount>1&&digit>1){
System.out.println(" Password is too long. The limit is "+max+" chracters:");
System.out.println(" You need at least one special chracter:");
}
if(password.length()>=min&&password.length()<=max&&loCount>0&&upCount>0&&digit>0&&special==0){
System.out.println(" You need atleast a special chracter");
}
if(password.length()>=min&&password.length()<=max&&loCount>0&&upCount>0&&digit==0&&special==0){
System.out.println(" You need at least one digit:");
System.out.println(" You need at least one special chracter:");
}
}
}
}
答案 0 :(得分:0)
在我看来,你不必拥有所有特殊字符,大写和小写的计数,你可以只有一个boolean,如果最后所有这些都是真的,你可以插入密码进入数据库。为了阻止旁边有相同字符的密码,你可以在for循环中尝试这样的东西。
if(i < (password.length() -1) && c == password.charAt( i+1 ) ) {
//throw error message or set boolean of valid to false.
}
这表示如果i小于length - 1(所以我们可以检查下一个没有数组超出范围的索引),然后检查下一个char是否等于当前的char。
接下来,正如其他人所说,你应该将密码作为盐渍哈希存储在数据库中。这是为了确保您的数据库遭到入侵,密码是否经过哈希处理。