Introduction
Strong password validation falls under some of the most important parts of frontends and backends. As virtually every application made today has user authentication in place. So, the requirement to validate strong password has been an absolute necessity. The validation ensures that a valid and strong password is entered by the user. For this validation, regex is used in javascript. We use regular expressions and match the entered password pattern to an industry-recognized requirement to be a strong password. A password needs the following things to be a valid password:
- It should be at least 8 characters long:
********
- It must have a number:
[0 to 9]
- It must have a capital alphabet:
[A to Z]
- It must have a small alphabet:
[a to z]
- It must have a special character:
[!, @, #, $, %, ^, &, *]
Let’s look at how to validate strong password using regex in JavaScript.
Prerequisites
JavaScript code for Strong Password Validation
We use the match()
method of the string to match the RegEx pattern to the given password string.
const pattern = /^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!@#\$%\^&\*])(?=.{8,})/;
let password = "V3ry5tR0ngP@ssw0rd";
let result = password.match(pattern);
if(result) {
console.log(`The given password: ${password} is strong`);
} else {
console.log(`The given password: ${password} is not strong`);
}
password = "password";
result = password.match(pattern);
if(result) {
console.log(`The given password: ${password} is strong`);
} else {
console.log(`The given password: ${password} is not strong`);
}
Result:
The given password: V3ry5tR0ngP@ssw0rd is strong
The given password: password is not strong
Let’s wrap this code into a function to make it reusable.
function validatePassword(password) {
const pattern = /^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!@#\$%\^&\*])(?=.{8,})/;
return password.match(pattern)
}
let password = "V3ry5tR0ngP@ssw0rd";
if(validatePassword(password)) {
console.log(`The given password: ${password} is strong`);
} else {
console.log(`The given password: ${password} is not strong`);
}
password = "thisispassword1";
if(validatePassword(password)) {
console.log(`The given password: ${password} is strong`);
} else {
console.log(`The given password: ${password} is not strong`);
}
Result:
The given password: V3ry5tR0ngP@ssw0rd is strong
The given password: thisispassword1 is not strong
The regular expression for email validation
/^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!@#\$%\^&\*])(?=.{8,})/
Explanation of the above regex
/ /
: Contains all the patterns to match into, it acts as a holder for patterns, and it is at the start and end of regex patterns
^
: Matches from the beginning of the string to the beginning of the line
(?=
: Checks for matches in the given set of data, else returns an error.
.
: It matches one continuous word without a break in the line
*
: It matches the preceding tokens
[
: Matches all the characters in the set
a-z
: Matches any character in the range of a to z alphabets (only small alphabets)
]
: End of set
)
: End of a positive lookahead
(?=.*[A-Z])
: Same as the above positive lookahead but the difference is it looks in the range of A to Z (capital)
(?=.*[!@#\$%\^&\*])
: Same as (?=.*[A-Z])
but the character set contains special characters
!
: Matches the exclamation mark (!
)@
: Checks and matches the at sign (@
)#
: Matches the Hash symbol (#
)\$
: Escapes the special character and matches the dollar sign ($
)%
: Matches the percentage symbol (%
)\^
: Escapes the special character and caret symbol (^
)&
: Matches the ampersand symbol (&
)\*
: Escapes the special character and matches the asterisk symbol (*
)
: Same as positive lookahead but here (?=.*{8,})
{8,}
, it matches 8 or more token
Findings from the above regular expression pattern
From the above explanation, we can say that mostly (?=.)
positive lookahead was used to check for matching characters found in the given [a-z], [A-Z], [!@#\$%\^&\*]
set of characters. Also, the provided string must be of length 8 or more denoted by {8,}
. So, from this, we can conclude that the password string will be a valid and strong password when it follows the pattern of the above regular expression.
Conclusion
So, in this article, we looked at how to Validate Strong Password Using regex in detail, and also touched upon the pattern of RegEx used for it to be considered a strong password. For a more detailed view of Regular expression look into regexr.com, as it provides an interactive environment for learning, trying, and testing out regular expression and pattern matching. Also, check out our article on email validation using regular expression in JavaScript Here: How To Validate Email Using regex In Javascript.