带有数字或特殊字符的密码复杂性正则表达式 [英] Password complexity regex with number or special character

问题描述

我有一些正则表达式，可以检查输入密码的复杂性要求.但是，它不足以满足我的需求.

I've got some regex that'll check incoming passwords for complexity requirements. However it's not robust enough for my needs.

((?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,20})

它可以确保密码长度不超过最小长度，同时包含两种情况的字符和数字.

It ensures that a password meets minimum length, contains characters of both cases and includes a number.

但是，我需要对其进行修改，使其可以包含数字和/或允许的特殊字符.我什至得到了允许使用的特殊字符的列表.

However I need to modify this so that it can contain a number and/or an allowed special character. I've even been given a list of allowed special characters.

我有两个问题，定界特殊字符并使第一个条件与数字或特殊字符匹配和/或匹配.

I have two problems, delimiting the special characters and making the first condition do an and/or match for number or special.

我真的很感谢正则表达式神之一围绕这些部分的建议.

I'd really appreciate advice from one of the regex gods round these parts.

允许的特殊字符为:@%+\/'!#$^?:.(){}[]~-_

推荐答案

如果我正确理解了您的问题，那么您正在寻找可能需要另一个特殊字符的可能性.可以按照以下步骤进行操作(请参阅最后的回顾):

If I understand your question correctly, you're looking for a possibility to require another special character. This could be done as follows (see the last lookahead):

((?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!§$%&/(/)]).{8,20})

在 regex101.com 上查看有关此方法的演示.
但是，通过进一步的批准，您可以使表达更加出色:点号(.*)使您脱颖而出，然后回溯.如果您的密码说的是10个字符，并且要确保要完成四个前瞻，那么您至少需要 40个步骤(甚至还需要引擎回溯). br> 要优化您的表情，您可以使用所需字符的完全相反，从而使引擎更快地结束.此外，如评论中已指出的那样，请勿限制您的最大密码长度.
用正则表达式的语言可以归结为:

See a demo for this approach here on regex101.com.
However, you can make your expression even better with further approvements: the dot-star (.*) brings you down the line and backtracks afterwards. If you have a password of say 10 characters and you want to make sure, four lookaheads need to be fulfilled, you'll need at least 40 steps (even more as the engine needs to backtrack).
To optimize your expression, you could use the exact opposite of your required characters, thus making the engine come to an end faster. Additionally, as already pointed out in the comments, do not limit your maximum password length.
In the language of regular expressions, this would come down to:

((?=\D*\d)(?=[^a-z]*[a-z])(?=[^A-Z]*[A-Z])(?=.*[!§$%&/(/)]).{8,})

采用第一种方法，需要 63个步骤 ，而仅优化版本需要 29步 (一半！).关于第二个问题，允许数字或为特殊字符，您可以像这样简单地使用替代(|):

With the first approach, 63 steps are needed, while the optimized version only needs 29 steps (the half!). Regarding your second question, allowing a digit or a special character, you could simply use an alternation (|) like so:

((?:(?=\D*\d)|(?=.*[!§$%&/(/)]))(?=[^a-z]*[a-z])(?=[^A-Z]*[A-Z]).{8,})

或者也将\d放在括号中，如下所示:

Or put the \d in the brackets as well, like so:

((?=[^a-z]*[a-z])(?=[^A-Z]*[A-Z])(?=.*[\d!§$%&/(/)]).{8,})

该密码将被认为是ConsideredAgoodPassw!rd和C0nsideredAgoodPassword的好密码.

This one would consider to be ConsideredAgoodPassw!rd and C0nsideredAgoodPassword a good password.

这篇关于带有数字或特殊字符的密码复杂性正则表达式的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！