Passay password without repeating char sequence

Question

I'm using the passay library for validating password against a list of requirements:

<dependencies>
  <dependency>
    <groupId>org.passay</groupId>
    <artifactId>passay</artifactId>
    <version>1.4.0</version>
  </dependency>
</dependencies>

One of my requirements is that a password must not have any sequence of characters immediately followed by the same sequence. For instance:

apple: should be rejected because 'p' is followed by another 'p'.
banana: should be rejected because 'an' is followed by 'an'.
123xy123: is ok because '123' is not immediately followed by '123'.

I tried using RepeatCharactersRule (javadocs), but that Rule is only for sequence of the same characters (it will find 'aaa', but not 'abab').

Does passay have any rule for doing this or will I have to write a custom rule?

Shadov · Accepted Answer

Well, I don't think it does, but you don't have to write your own rule, try this if you want:

public class RepeatingSequenceRegexTest {
    final PasswordValidator validator = new PasswordValidator(
            new IllegalRegexRule("(.{1,})\1")
    );

    @Test
    public void checks() {
        assertTrue(validator.validate(new PasswordData("normal")).isValid());
        assertTrue(validator.validate(new PasswordData("abcdef")).isValid());
        assertTrue(validator.validate(new PasswordData("abacadaeaf")).isValid());
        assertTrue(validator.validate(new PasswordData("xyzxy")).isValid());
        assertTrue(validator.validate(new PasswordData("12345")).isValid());
        assertTrue(validator.validate(new PasswordData("121314")).isValid());
        assertTrue(validator.validate(new PasswordData("1234123121")).isValid());
        assertTrue(validator.validate(new PasswordData("123xy123")).isValid());
        assertTrue(validator.validate(new PasswordData("1")).isValid());
        assertTrue(validator.validate(new PasswordData("")).isValid());

        assertFalse(validator.validate(new PasswordData("apple")).isValid());
        assertFalse(validator.validate(new PasswordData("banana")).isValid());
        assertFalse(validator.validate(new PasswordData("112233")).isValid());
        assertFalse(validator.validate(new PasswordData("123123")).isValid());
        assertFalse(validator.validate(new PasswordData("1212")).isValid());
        assertFalse(validator.validate(new PasswordData("11")).isValid());
        assertFalse(validator.validate(new PasswordData("123xy123xy")).isValid());
    }
}

Passay password without repeating char sequence

Tags:

java

security

passwords

xinxiu

1 Answers

Shadov

Recent Activity

Donate For Us

Passay password without repeating char sequence

Tags:

java

security

passwords

xinxiu

1 Answers

Shadov

Related questions

Recent Activity

Donate For Us