0

I have login page that check for password strength. There is an categories i need to check for regular expressions. How can i check in java? The main problem is that when input as "HELLOWORLDHELLO" or 123456789012 . It still can be accepted. Not going into false.If input is not equal to at least below two categories. It should be return false. Thanks.Below is my password strength. Password must be more than 12 characters and contains at least 2 of categories below:

        At least 1 upper case character.
        At least 1 lower case character.
        At least 1 digit number.
        At least 1 special character. (!,$,#,%,etc.)

And my java code is below.

public static final String UPPER_CASE_REGEX = "^(?=.*[A-Z])[A-Za-z\\d@$!%*?&^~#*()`<>,.|+-_{}:;\'\"\\/]{12,}$";
public static final String LOWER_CASE_REGEX = "^(?=.*[a-z])[A-Za-z\\d@$!%*?&^~#*()`<>,.|+-_{}:;\'\"\\/]{12,}$";
    
public static final String NUMBER_REGEX = "^(?=.*\\d)[A-Za-z\\d@$!%*?&^~#*()`<>,.|+-_{}:;\'\"\\/]{12,}$";

public static final String SPECIAL_CHAR_REGEX = "^(?=.*[@$!%*?&^~#*()`<>,.|+-_{}:;\'\"\\/])[A-Za-z\\d@$!%*?&^~#*()`<>,.|+-{}:;\'\"\\/]{12,}$";
    

private static boolean checkStrength(String input) {
Pattern upperCasePattern = Pattern.compile(UPPER_CASE_REGEX);
Matcher upperCaseMatcher = upperCasePattern.matcher(input);
int matchCount = 0;
        
        if(upperCaseMatcher.matches()) {
            matchCount++;
            
            if(matchCount >= 2) {
                return true;
            }
        }

if(lowerCaseMatcher.matches()) {
            matchCount++;
            
            if(matchCount >= 2) {
                return true;
            }
        }
        
        if(numberMatcher.matches()) {
            matchCount++;
            
            if(matchCount >= 2) {
                return true;
            }
        }
        
        if(specialCharMatcher.matches()) {
            matchCount++;
            
            if(matchCount >= 2) {
                return true;
            }
        }
        
        return false;
    }
KaungKhant Zaw
  • 27
  • 5
  • Does this answer your question? [regular expression for letters, numbers and - \_](https://stackoverflow.com/questions/3028642/regular-expression-for-letters-numbers-and) – Eldar B. Jun 23 '20 at 07:45
  • 1
    And your question is what? Does your code not work? In what way? For input does it produce which wrong output, what would be the correct one? – luk2302 Jun 23 '20 at 07:48
  • Sorry all. I edit my questions. Currently problem is that when i input as "HELLOWORLDHELLO" or 123456789012 . It can successfully login. Actually it does not meet password strength requirement. Password strength should be at least two categories. Thanks. – KaungKhant Zaw Jun 23 '20 at 08:03

1 Answers1

0

Try this.

static Pattern UPPER = Pattern.compile("[A-Z]");
static Pattern LOWER = Pattern.compile("[a-z]");
static Pattern DIGIT = Pattern.compile("\\d");
static Pattern SPECIAL = Pattern.compile("[!$#%]");

static boolean checkStrength(String password) {
    if (password == null) return false;
    if (password.length() < 12) return false;
    int matchCount = 0;
    if (UPPER.matcher(password).find()) ++matchCount;
    if (LOWER.matcher(password).find()) ++matchCount;
    if (DIGIT.matcher(password).find()) ++matchCount;
    if (SPECIAL.matcher(password).find()) ++matchCount;
    return matchCount >= 2;
}

test cases:

@Test
public void testCheckStrength() {
    assertEquals(false, checkStrength("1234Abcd"));
    assertEquals(false, checkStrength("123456789012"));
    assertEquals(false, checkStrength("HELLOWORLDHELLO"));
    assertEquals(true, checkStrength("HELLOWORLDHELLOhello"));
    assertEquals(true, checkStrength("123456789z12"));
    assertEquals(false, checkStrength("これは日本語の文字列です"));
    assertEquals(true, checkStrength("これはNihongoの文字列です"));
}
saka1029
  • 13,523
  • 2
  • 13
  • 37