How do I localize password validation in C#?
https://stackoverflow.com/questions/1479499
-
18-09-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I am trying to localize an existing app that has the following logic that tries to validate a password text box. I'm assuming that this will not work with languages with special characters that the user could type in the text box. Am I correct? I don't think that we want to restrict the user from typing non-English-type characters (i.e. arabic, chinese, etc.). Or, is there something I'm not understanding?
Regex ValidHex =
new Regex("[A-Za-z1234567890_-]+", RegexOptions.IgnoreCase);
if (!ValidHex.IsMatch(e.Text))
{
e.Handled = true;
}
Solution
You can do like this to support unicode characters:
[\p{L}\p{N}_-]+
As a side note: is there any specific reason you need to limit what characters are allowed?
OTHER TIPS
Don't store passwords!
Hash the password using a cryptographic hashing function and compare that.
That regular expression isn't a particularly good one, it restricts the users options and doesn't enforce anything (the passwords 'a' and 'aaaaaaa' would pass). The name suggests it was adopted from an expression that validated Hex numbers. You would at least have to add a minimum Length condition (in the reg ex or as e.Text.Length > 8).
A more sensible expression would validate that at least 1 char form several groups was used, I dug up this: @"^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*\W)" See here.
Again, add a minimum length check.
This example does not address the problem of localization, It allows non-latin characters only through the '.' and does not consider them satisfying the [a-z] or [A-Z] requirements.
Have you tried using \w instead of A-za-z? I'm betting that will get around localization issues.
