A Regular Expression for a Strong Password

Posted: July 5, 2008 in ASP.NET
Tags: ,

If you want to create an application which accepts only strong password, then here is a solution for you. You can apply the following regular expression which creates a validation for you to allow only strong password.


Description of this regular expression is as below:

Passwords will contain at least 1 upper case letter
Passwords will contain at least 1 lower case letter
Passwords will contain at least 1 number or special character
Passwords will contain at least 8 characters in length
Password maximum length should not be arbitrarily limited

let me know if you want any change in current regular expression according to your requirements.

Happy coding…

  1. micky says:

    Good Job….

  2. josephine says:


    can I just ask, what does regular expression actually does? I didn’t learn this before.

  3. hspinfo says:

    Hi Josephine,

    A regular expression (sometimes abbreviated to “regex” ) is a way for a computer user or programmer to express how a computer program should look for a specified pattern in text and then what the program is to do when each pattern match is found. For example, a regular expression could tell a program to search for all text lines that contain the word “Windows 95” or to search for a text pattern like any email address, or any kind of numeric pattern for example “xxx-xxx-xxxx”.

    Here, I have provided a pattern for a strong password identification. Whenever any user input his password it will be compared using the RegEx, and this control will confirm if the provided input is a valid pattern for strong password or not? If not then produce proper message to user to input a valid strong password that match the pattern.

    You can check this link for RegEx http://www.regular-expressions.info/

  4. jackorna says:

    hey thats very good
    could you please help me to get the regular expression for following
    1. Passwords should be at least 8 characters/numbers
    2. At least 5 characters of the password must be different
    3. The password must comprise at a minimum 1 character that is not an alphabetic character, a digit or a hyphen (-)
    4. At least one of the non-alphabetic characters must appear between the second and seventh character positions of the password

  5. Eric says:

    Excellent post, thanks.

  6. Prakash says:


    I need a JavaScript Regular Expression with following condition

    – Exactly 8 in length not less or more
    – Must Start with Alphabet
    – Must have atleast 1 numeric
    – Must have atleast 1 symbol (!, @, #, $, %, ^, &, *, =, +)


  7. Kantha says:

    this is very nice..,

  8. Lisa says:

    I modified as follows to not allow any whitespace characters:


  9. Johnny Hwang says:

    Hello, I need an ASP.NET Regular Expression with the following:

    Complex passwords must be 9-14 characters in length and contain 3 of the following 4 character types:

    * lowercase letters
    * uppercase letters
    * numbers
    * special characters

    I am having a lot lot lot of trouble with the 3 of the 4 part.

  10. rj says:

    Thank u…it works…:) 🙂

  11. zozo says:

    I have written the javascript function in the External js file and named it as JScript.js. This file is in Javascripts folder which under the Project folder.
    The JScript.js file contains the following code.

    // JScript File

    function validateParameter()
    var paramname=document.getElementById(”);
    var message;

    message+=”\n*Parameter Name is mandatory”;
    else if(paramname.value!=””)
    var alphaExp = /^[a-zA-Z\s]+$/;
    message+=”\n*Only Alphabets are allowed for Parameter Name”;

    return false;
    return true;

    I have called the javascript file using the below html tag.

    I have called the javascript function for OnClientClick of a button.
    OnClientClick=”javascript: return validateParameter();”

    But during the runtime the button click is not validating the controls.
    Please Help Me! Thanks.

  12. Nidhi Shah says:

    thak you for the help i want to kown when he clear the that text at that time it should be the remove the tag which was display is we type wrong………

  13. rohit says:

    if (loginIdTextBox.value != passwordTextBox.value) {
    var passwordPattern = /^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?!.*\s).{8,}$/;
    var validatePassword=passwordPattern.Test(passwordTextBox)
    alert (validatePassword);
    return validatePassword;
    alert (‘The password must have atleast one uppercase letter, one lower case letter , one digit ‘);
    else {
    alert(‘ Login Id and Password cannot be same!!’)
    return false;
    plzz help me this thing is not working god knows yyy if any corrections plzz help

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s