正则表达式密码

时间:2012-03-08 00:03:25

标签: javascript regex

我正在尝试将密码的最低要求的正则表达式设置为最少6个字符; 1个大写,1个小写和1个数字。看起来很简单?我没有任何正则表达式“前瞻”的经验,所以我会这样做:

if(!pwStr.match(/[A-Z]+/) || !pwStr.match(/[a-z]+/) || !pwStr.match(/[0-9]+/) ||
    pwStr.length < 6)
    //was not successful

但我希望将此优化为一个正则表达式,并在此过程中升级我的正则表达式技能。

4 个答案:

答案 0 :(得分:4)

^.*(?=.{6,})(?=.*[a-zA-Z])(?=.*\d)(?=.*[!&$%&? "]).*$
  • ^ *
    启动正则表达式
  • (?= {6,})
    密码长度至少包含6个字符
  • (?=。* [A-ZA-Z])
    密码将包含至少1个大写字母和1个小写字母
  • (?=。* \ d)
    密码至少包含1个数字
  • (?=。* [!#$%&amp;?“]) 密码至少包含给定的特殊字符
  • 。* $
    正则表达结束

这是您可以查看此正则表达式的网站 - http://rubular.com/

答案 1 :(得分:3)

假设密码可能包含任何字符,最小长度至少为六个字符,并且必须包含至少一个大写字母和一个小写字母和一个十进制数字,这是我建议的那个:(使用python语法评论版本)

re_pwd_valid = re.compile("""
    # Validate password 6 char min with one upper, lower and number.
    ^                 # Anchor to start of string.
    (?=[^A-Z]*[A-Z])  # Assert at least one upper case letter.
    (?=[^a-z]*[a-z])  # Assert at least one lower case letter.
    (?=[^0-9]*[0-9])  # Assert at least one decimal digit.
    .{6,}             # Match password with at least 6 chars
    $                 # Anchor to end of string.
    """, re.VERBOSE)

这是JavaScript:

re_pwd_valid = /^(?=[^A-Z]*[A-Z])(?=[^a-z]*[a-z])(?=[^0-9]*[0-9]).{6,}$/;

附加:如果您需要多个必需的字符,请查看my answer to a similar password validation question

编辑:将懒角星更改为贪婪的char类。谢谢Erik Reppen - 很好的优化!

答案 2 :(得分:2)

我的经验是,如果你可以分离出正则表达式,代码会读得越好。您可以将正则表达式与正向前瞻(我看到刚刚完成)结合起来,但是......为什么?

编辑:

好的,好的,所以如果你有一些配置文件你可以传递字符串编译成正则表达式(我之前已经看过并且之前做过),我想这值得麻烦。但除此之外,即使所提供的答案得到纠正以符合您的需要,我仍然会建议不要,除非您打算创建这样的东西。单独的正则表达式可以更好地处理。

答案 3 :(得分:1)

我没有彻底测试过,但这是Amit的更有效版本。我认为他也允许未指定的角色进入组合(这在技术上并未作为规则列出)。如果你不小心瞄准了一大块文本,它就不会对你发狂,它会在太长的字符串上失败而且它只允许最后一堂中的字符。

''应该谨慎使用。想想它必须做的循环来确定与它可以表示的所有字符的匹配。使用否定类会更有效率。

`^(?=[^0-9]{0,9}[0-9])(?=[^a-z]{0,9}[a-z])(?=[^A-Z]{0,9}[A-Z])(?=[^@#$%]{0,9}[@#$%])[0-9a-zA-Z@#$%]{6,10`}$

尝试找到理想的regEx并没有错。但是在你需要的时候把它分开。

RegEx tends to be explained poorly. I'll add a breakdown:

a - a single 'a' character
ab - a single 'a' character followed by a single b character
a* - 0 or more 'a' characters
a+ - one or more 'a' characters
a+b - one or any number of a characters followed by a single b character.
a{6,} - at least 6 'a' characters (would match more)
a{6,10} - 6-10 'a' characters
a{10} - exactly 10 'a' characters iirc - not very useful

^ - beginning of a string - so ^a+ would not math 'baaaa'
$ - end of a string - b$ would not find a match 'aaaba'

[] signifies a character class. You can put a variety of characters inside it and every character will be checked. By itself only whatever string character you happen to be on is matched against. It can be modified by + and * as above.

[ab]+c - one or any number of a or b characters followed by a single c character
[a-zA-Z0-9] - any letter, any number - there are a bunch of \<some key> characters representing sets like \d for 'digits' I'm guessing. \w iirc is basically [a-zA-Z_]

note: '\' is the escape key for character classes. [a\-z] for 'a' or '-' or 'z' rather than anything from a to z which is what [a-z] means

[^<stuff>] a character class with the caret in front means everything but the characters or <stuff> listed - this is critical to performance in regEx matches hitting large strings.

. - wildcard character representing most characters (exceptions are a handful of really old-school whitespace characters). Not a big deal in very small sets of characters but avoid using it.

(?=<regex stuff>) - a lookahead. Doesn't move the parser further down the string if it matches. If a lookahead fails, the whole match fails. If it succeeds, you go back to the same character before it. That's why we can string a bunch together to search if there's at least one of a given character.

So:

^ - at the beginning followed by whatever is next

(?=[^0-9]{0,9}[0-9]) - look for a digit from 0-9 preceded by up to 9 or 0 instances of anything that isn't 0-9 - next lookahead starts at the same place

etc. on the lookaheads

[0-9a-zA-Z@#$%]{6,10} - 6-10 of any letter, number, or @#$% characters

不需要'$'因为我将所有内容限制为10个字符