We're using the standard ASP.NET authentication provider (AspNetSqlMembershipProvider as it happens) and the defualt password strength requirement is a little excessive for our needs.
We require our users to enter a password that is alphanumeric at least (i.e, letters and at least one number mandatory, mixed case and non-alphanumeric characters if the user so desires).
Can anyone suggest what PasswordStrengthRegularExpression setting would achieve this?
Also, how can we control the error message shown to the user if the password they try to use fails the regular expression check?
It was found that the minRequiredNonalphanumericCharacters
property must be set to 0
, otherwise this setting overrides any regular expression that is used
A twelve-character password with one uppercase letter, one number and one symbol is almost unbreakable, taking a computer 34,000 years to crack.
Increasing the password complexity to a 13 character full alpha-numeric password increases the time needed to crack it to more than 900,000 years at 7 billion attempts per second. This is, of course, assuming the password does not use a common word that a dictionary attack could break much sooner.
We just implemented the following expression to validate a pwd of 8 to 16 characters and contain three of the following 4 items: upper case letter, lower case letter, a symbol, a number
(?=^[^\s]{8,16}$)((?=.*?\d)(?=.*?[A-Z])(?=.*?[a-z])|(?=.*?\d)(?=.*?[^\w\d\s])(?=.*?[a-z])|(?=.*?[^\w\d\s])(?=.*?[A-Z])(?=.*?[a-z])|(?=.*?\d)(?=.*?[A-Z])(?=.*?[^\w\d\s]))^.*
An explanation of individual components:
notice after the length segment the double parens and later in the expression you'll see several |'s. This allows for the either/or comparison of the 4 possible combinations that are allowed.
After writing this I just noticed this question was asked over a year ago. Since I had come across this question in my search I hope someone else can also benefit from our solution.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With