[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Omaha.pm] One-liner regexp to check for password strength...

To: "Perl Mongers of Omaha, Nebraska USA" <omaha-pm@pm.org>
Subject: Re: [Omaha.pm] One-liner regexp to check for password strength...
From: Jay Hannah <jay@jays.net>
Date: Thu, 14 Jul 2005 21:10:14 -0500
Delivered-to: mailman-omaha-pm@mailman.pm.dev
Delivered-to: omaha-pm@pm.org
In-reply-to: <22962.24.252.28.96.1118895986.squirrel@24.252.28.96>
List-archive: <http://mail.pm.org/pipermail/omaha-pm>
List-help: <mailto:omaha-pm-request@pm.org?subject=help>
List-id: "Perl Mongers of Omaha, Nebraska USA" <omaha-pm.pm.org>
List-post: <mailto:omaha-pm@pm.org>
List-subscribe: <http://mail.pm.org/mailman/listinfo/omaha-pm>, <mailto:omaha-pm-request@pm.org?subject=subscribe>
List-unsubscribe: <http://mail.pm.org/mailman/listinfo/omaha-pm>, <mailto:omaha-pm-request@pm.org?subject=unsubscribe>
References: <22962.24.252.28.96.1118895986.squirrel@24.252.28.96>
Reply-to: "Perl Mongers of Omaha, Nebraska USA" <omaha-pm@pm.org>

?? I was going through the archive and my Inbox and no one replied tothis? I thought I did? hmmm... oh well, take2? -grin-


On Jun 15, 2005, at 23:26, Daniel Linder wrote:

I'm looking for a Perl one-liner regexp that will check a givenpassword

string to see if it meets a 'strength' requiement.

The tests are:
1:  Length >= 6 characters
2a: Contains number(s) (0-9)
2b: Contains lowercase letter(s) (a-z)
2c: Contains uppercase letter(s) (A-Z)
2d: Contains symbol character(s) (!@#$%^&*()-=_+`~\|":;<>,.?/ ... etc)

A password is good if it meets rule #1 and three of the four in #2.

Wow. I don't think you'll get a one liner to do all that. Not areadable one anyway.

At first glance a check such as /[a-z]+[A-Z]+[0-9]+/ could be a start,but

it requires that the order of the lower case characters be before any

upper-case characters or numbers, plus it ignores the lengthrequirement.


I've pretty much given up on a one-liner and this is the closest I can
come up with (ugly):

#!/usr/bin/perl

$PASSWD=shift;

$LEN = length($PASSWD);
printf ("LEN: $LEN\n");

$NumDigits = ($PASSWD =~ tr/[0-9]*//);
printf ("NumDigits: $NumDigits\n");

$NumUpperCase = ($PASSWD =~ tr/[A-Z]*//);
printf ("NumUpperCase: $NumUpperCase\n");

$NumLowerCase = ($PASSWD =~ tr/[a-z]*//);
printf ("NumLowerCase: $NumLowerCase\n");

$NumSpecial   = ($PASSWD =~

tr/[\!\@\#\$\%\^\&\*\_\+\-\=\{\}\[\]\\\|;\':\"\,\.\/\<\>\?\~\`]*//);

printf ("NumSpecial: $NumSpecial\n");

if ( ( $LEN >= 6 )
     and
     ( ($NumDigits?1:0) + ($NumUpperCase?1:0) + ($NumLowerCase?1:0) +
($NumSpecial?1:0) >= 3 )
   ) {
        printf ("Password \"%s\" passed.\n", $PASSWD);
}

Dan

Looks good to me! Maybe it could be cleaner? Something like this? (Nottested.)


#!/usr/bin/perl
$_ = shift;
$points++ if (/[0-9]/);
$points++ if (/[A-Z]/);
$points++ if (/[a-z]/);

$points++ if(/[\!\@\#\$\%\^\&\*\_\+\-\=\{\}\[\]\\\|;\':\"\,\.\/\<\>\?\~\`]/);

die "Failed" unless (length($_) >=6 and $points >=3);
print "Yay! $_ passed!\n";

Good/bad? HTH,

j

Follow-Ups:
- Re: [Omaha.pm] One-liner regexp to check for password strength...
  - From: Jay Hannah <jay@jays.net>

References:
- [Omaha.pm] One-liner regexp to check for password strength...
  - From: "Daniel Linder" <dan@linder.org>

Prev by Date: Re: [Omaha.pm] http://perl.meetup.com - Omaha is #2!
Next by Date: Re: [Omaha.pm] One-liner regexp to check for password strength...
Previous by thread: [Omaha.pm] One-liner regexp to check for password strength...
Next by thread: Re: [Omaha.pm] One-liner regexp to check for password strength...
Index(es):
- Date
- Thread