•  03-06-2021
  •  | 
  •  

Question

I'm a newbie to regex and trying to create a regex to validate pass phrases. I would like to validate that the pass phrase has:

  • n number of words or more
  • words should be separated by spaces
  • words, each with n characters or more
  • a number in at least one of the words
  • at least one special character in one of the words

This is what what I have so far

^(?=.*?((?:.*?\b[a-zA-Z0-9]{2,40}\b)\s*){3,})(?=.*?[@#$%^&+=])(?=.*?[0-9]).*$

It matches this Pe2sI#sHy?ThYulU# phrase that does not have at least 3 words (no spaces). What am I doing wrong?

Was it helpful?

Solution

You should use \s+ instead of \s*. The latter allows zero spaces, the former requires at least one. But your regex is overly complicated. Try this:

^                 # Start of string
(?=.*\d)          # Assert at least one digit
(?=.*[@#$%^&+=])  # Assert at least one special char
\s*               # Optional leading whitespace
(?:               # Match...
 \S{2,}           #  at least 2 non-spaces
 \s+              #  at least 1 whitespace
){2,}             # at least 2 times
\S{2,}            # Match at least 2 non-spaces (making 3 "words" minimum)

OTHER TIPS

A little late to this, so this is just an observation.

This is a take-off on @Tim Pietzcker's method.
Although 'words' can be anything, if you want to require at least
3 words have [a-zA-Z0-9]{2,40} characters imbedded, you could do this. 

^                      # String start
(?=.*[@#$%^&+=])       # Assert 1 special char
(?=.*\d)               # Assert 1 digit
(?:                    # Special 'Word Group'  -- Need 2 words
   .*                     # Any char, 0 or more times
   [a-zA-Z0-9]{2,40}      # Alpha/num char, 2 to 40 times
   .*                     # Any char, 0 or more times
   \s                     # a whitespace, only 1 required
){2}                   # 'Word Group' end, do 2 times
.*                     # Any char, 0 or more times
[a-zA-Z0-9]{2,40}      # Alpha/num char, 2 to 40 times -- Need 1 word

This should match at least 3 special [a-zA-Z0-9]{2,40} words separated by at least 1 space
including a digit and special character.

update

Yes, you can combine it into a single group done {3} times in 2 ways I know of.

Use a capture buffer as a flag 

^(?=.*[@#$%^&+=])(?=.*\d)(?:(?:(?!\1)|\s).*[a-zA-Z0-9]{2,40}().*){3} 
                                                       ^          ^
---------------------------------------   

^                      # String start
(?=.*[@#$%^&+=])       # Assert 1 special char
(?=.*\d)               # Assert 1 digit
(?:                    # Special 'Word Group'
   (?:                    #.. grping start ....
        (?!\1)              # Either capt group 1 is UN-DEFINED
      | \s                  # OR, require a whitespace
    )                     #.. grping end ....
   .*                     # Any char, 0 or more times
   [a-zA-Z0-9]{2,40}      # Alpha/num char, 2 to 40 times
   ()                     # DEFINE Capture group 1
   .*                     # Any char, 0 or more times
){3}                   # 'Word Group' end, do 3 times

Or, by using a conditional 

^(?=.*[@#$%^&+=])(?=.*\d)(?:(?(1)\s).*([a-zA-Z0-9]{2,40}).*){3}
                                                   ^         ^
---------------------------------------   

^                      # String start
(?=.*[@#$%^&+=])       # Assert 1 special char
(?=.*\d)               # Assert 1 digit
(?:                    # Special 'Word Group'
   (?(1)\s)               # Conditional, require a whitespace if capture group 1 captured anything
   .*                     # Any char, 0 or more times
   ([a-zA-Z0-9]{2,40})    # Capture group 1, Alpha/num char, 2 to 40 times
   .*                     # Any char, 0 or more times
){3}                   # 'Word Group' end, do 3 times
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top