检查字符串是否有足够强的密码 [英] Checking strings for a strong enough password
问题描述
我只是想知道在字符串中搜索某些条件(具体来说是密码强度)的最佳方法是什么.
I was just wondering what the best way to search a string for certain criteria (password strength to be specific) could be accomplished.
到目前为止,我有一个简单的:
So far I have a simple:
if(password.Length <= 7)
{
errorMessage = "Your password must be at least 8 characters.";
}
我希望能够检查大写字母,但我不确定方法或程序是什么.我试过谷歌搜索,搜索网站:http://msdn.microsoft.com,并搜索我的索引C# 书(C# Programming 3E,Barbara Doyle 着),但我似乎找不到.
I would like to be able to check for capital letters, but I am not sure what the method or procedure is. I have tried Googling, searching the website: http://msdn.microsoft.com, and searching the index of my C# book (C# Programming 3E, by Barbara Doyle), but I can't seem to find any.
我知道我可以试试这个...:
I know I could try this...:
foreach(char c in password)
{
if(c!='A' || c!='B' || c!='C' || c!='D' ..... || c!='Z')
{
errorMessage = "Your password must contain at least one capital letter";
}
}
...但这将非常草率,并且必须加倍才能检查至少一个小写字母.我确信有更好的方法来做到这一点,或者至少是我上面显示的方法的简写.
...But that would be extremely sloppy, and would have to be doubled to check for at least one lowercase letter. I am sure there is a better way to do this, or at least shorthand for the method I have shown above.
另外,我可能会决定检查特殊字符的密码(在上面的示例中似乎比使用大小写字母更容易,所以我可以只将它用于特殊字符,如果我决定让它们成为必要的话).如果有一种简单(或适当)的方法可以做到这一点,我也很想拥有这些知识.
Also, I may decide to check the password for special characters (seems easier to do in the example above than with upper and lower case letters, so I may just use that for special characters, should I decide to make them necessary). If there is an easy (or proper) way to do that, I would love to have that knowledge, as well.
无论如何,非常感谢您提供的任何帮助.
Anyway, thank you so much for any help anyone can give.
推荐答案
我不能相信,因为我从 这里
I can't take the credit, as I stole this from here
using System.Text;
using System.Text.RegularExpressions;
public enum PasswordScore
{
Blank = 0,
VeryWeak = 1,
Weak = 2,
Medium = 3,
Strong = 4,
VeryStrong = 5
}
public class PasswordAdvisor
{
public static PasswordScore CheckStrength(string password)
{
int score = 0;
if (password.Length < 1)
return PasswordScore.Blank;
if (password.Length < 4)
return PasswordScore.VeryWeak;
if (password.Length >= 8)
score++;
if (password.Length >= 12)
score++;
if (Regex.Match(password, @"/d+/", RegexOptions.ECMAScript).Success)
score++;
if (Regex.Match(password, @"/[a-z]/", RegexOptions.ECMAScript).Success &&
Regex.Match(password, @"/[A-Z]/", RegexOptions.ECMAScript).Success)
score++;
if (Regex.Match(password, @"/.[!,@,#,$,%,^,&,*,?,_,~,-,£,(,)]/", RegexOptions.ECMAScript).Success)
score++;
return (PasswordScore)score;
}
}
注意使用正则表达式检查大写字符.这似乎是一种不错的方法,因为它会检查长度、大小写字符的使用、数字和特殊字符.
Note the use of regex for checking for upper case characters. This appears to be a decent approach, as it checks length, use of upper and lower case characters, numeric digits and special characters.
** 更新**
我知道问题现在已经结束,但我可以添加更多解释让 VoidKing 理解一些概念.
I know the question is now closed, but I can add more explanation for VoidKing to understand some of the concepts.
从 CheckStrength 方法返回的 PasswordScore 可用作代码中下一步操作的条件.
A PasswordScore is returned from the CheckStrength method, which can be used as the condition for what to do next in your code.
以下是如何使用上述代码的未经测试的演示:
Here's an untested demo of how the above code could be used:
String password = "MyDummy_Password"; // Substitute with the user input string
PasswordScore passwordStrengthScore = PasswordAdvisor.CheckStrength(password);
switch (passwordStrengthScore) {
case PasswordScore.Blank:
case PasswordScore.VeryWeak:
case PasswordScore.Weak:
// Show an error message to the user
break;
case PasswordScore.Medium:
case PasswordScore.Strong:
case PasswordScore.VeryStrong:
// Password deemed strong enough, allow user to be added to database etc
break;
}
在这种情况下,枚举被用作将密码强度分类为人类可读组的一种方法.保持代码整洁,并让代码中发生的事情一目了然.
Enums are used in this case as a means of classifying the strength of the password into human-readable groups. Keeps the code clean, and makes it obvious what is going on in the code.
关于 Regex 的使用,如果您不熟悉它们的概念以及如何以及何时使用它们,我建议您进行一些研究,因为这些对于检查字符串中的模式在许多不同的场景中都很有用.也许从这里开始.
Regarding the use of Regex's, if you're unfamiliar with the concept of them and how and when to use them, I suggest doing some research as these can be useful in many different scenarios for checking for patterns in strings. Perhaps start here.
这篇关于检查字符串是否有足够强的密码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
