06Feb, 2017

Create regular expressions to check the complexity of passwords!

One of the fundamental points of computer security is the password. It may be useful to help administrators and group leaders by encouraging them to use a complex passwords. These steps below will help you create a process more secure with regular expression (or  Regex). The code presented would then be used for letting the user change their passwords.

Presentation :

The key to strong password construction comes down to a combination of length, complexity, and randomness (lowercase or uppercase characters, digits and special symbols). Using Regex will help you to set your password. If you are not familiar with regular expressions, do not worry. We will decompose the string.


  • /^ Start of the string.
  • (?=.*[A-z]) must contains a characters (lowercase or uppercase characters).
  • (?=.*[a-z]) must contains one lowercase characters.
  • (?=.*[A-Z]) must contains one uppercase characters.
  • (?=.*[0-9]) must contains one digit from 0-9.
  • (?=.*[$@]) must contains one special symbols in this list $ and @.
  • (?!.*[iIoO]) match any charcuter except i I o and O.
  • \S{6,12} length at least 6 characters and a maximum of 12.
  • $/ End of the string.

Whole combination is means: 6 to 12 characters string with at least one digit and one upper case letter  (except i I o and O), one special symbol (“@$”). This regular expression pattern is very useful to implement a strong and complex password.

Note: The grouping formula order does not matter.

Do not forget, if you are already familiar with the Regex syntax, you can edit your own regular expression directly!

Below are a few more examples:

  • /^0[,.]([1-8]\d|90)$/ :  The value must be between 0.10 and 0.90.
  • /^22[,.]([1-9])$/ : the value must be between 22.1 and 22.9.
  • /^(1[8-9]|2[0-4])$/ : the value must be 18 and 24.
  • /^(3([.,]\d{1,2})?|4([.,]0{1,2})?)$/ : the value must be in 3 and 4, taking into account decimals.
 Can you guess this string?


Go to Configuration -> Application -> Password policy.
Password policy
Here you can:
  • Prohibit users from changing their passwords
  • Write your regular expression
  • Add an user information if entry errors.
your password policy
Note: The default password should have at least 3 characters and a maximum of 20.
Do not forget to click on Confirm!

Do not hesitate to comment on this article!
All your questions, comments and suggestions are most welcome!

Post a comment

Your email address will not be published. Required fields are marked *