How do I verify in C# that the password contains at least X uppercase letters and at least Y numbers, and the entire string is longer than Z?
Thanks.
Asked
Active
Viewed 7,157 times
8
-
I would use some standard pwd validation rules possibly with RegEx, not char by char parsing... see this one: http://stackoverflow.com/questions/1152872/creating-a-regex-to-check-for-a-strong-password – Davide Piras Dec 07 '11 at 11:33
4 Answers
12
Password Strength:
First, I would read up on password strength, and double-check your policy to make sure you were doing the right thing (I couldn't tell you off hand):
- http://en.wikipedia.org/wiki/Password_strength
- https://www.grc.com/haystack.htm
- http://xkcd.com/936/ (a joke, but good food for thought)
Then I'd check other questions:
Then I'd get down to business.
Implementation:
You could use Linq:
return password.Length >= z
&& password.Where(char.IsUpper).Count() >= x
&& password.Where(char.IsDigit).Count() >= y
;
You could use also regular expressions (which might be a good option to allow you to plug in more complicated validations in the future):
return password.Length >= z
&& new Regex("[A-Z]").Matches(password).Count >= x
&& new Regex("[0-9]").Matches(password).Count >= y
;
Or you could mix and match them.
If you had to do this multiple times, you could reuse the Regex instances by building a class:
public class PasswordValidator
{
public bool IsValid(string password)
{
return password.Length > MinimumLength
&& uppercaseCharacterMatcher.Matches(password).Count
>= FewestUppercaseCharactersAllowed
&& digitsMatcher.Matches(password).Count >= FewestDigitsAllowed
;
}
public int FewestUppercaseCharactersAllowed { get; set; }
public int FewestDigitsAllowed { get; set; }
public int MinimumLength { get; set; }
private Regex uppercaseCharacterMatcher = new Regex("[A-Z]");
private Regex digitsMatcher = new Regex("[a-z]");
}
var validator = new PasswordValidator()
{
FewestUppercaseCharactersAllowed = x,
FewestDigitsAllowed = y,
MinimumLength = z,
};
return validator.IsValid(password);
Community
- 1
- 1
Merlyn Morgan-Graham
- 58,163
- 16
- 128
- 183
-
@SaiKalyanAkshinthala: Fixed now. I saw my mistake while I was expanding my answer :) – Merlyn Morgan-Graham Dec 07 '11 at 11:41
7
To count uppercase letters and digits:
string s = "some-password";
int upcaseCount= 0;
int numbersCount= 0;
for (int i = 0; i < s.Length; i++)
{
if (char.IsUpper(s[i])) upcaseCount++;
if (char.IsDigit(s[i])) numbersCount++;
}
and check s.Length for the length
good luck!
Shai
- 25,159
- 9
- 44
- 67
1
Short and clear using LINQ Where() method:
int requiredDigits = 5;
int requiredUppercase = 5;
string password = "SomE TrickY PassworD 12345";
bool isValid = password.Where(Char.IsDigit).Count() >= requiredDigits
&&
password.Where(Char.IsUpper).Count() >= requiredUppercase;
sll
- 61,540
- 22
- 104
- 156
0
This should do it:
public bool CheckPasswordStrength(string password, int x, int y, int z)
{
return password.Length >= z &&
password.Count(c => c.IsUpper(c)) >= x &&
password.Count(c => c.IsDigit(c)) >= y;
}
Abdul Munim
- 18,869
- 8
- 52
- 61