正则表达式验证Active Directory中的默认密码复杂 [英] Regex that validates Active Directory default password complexity
问题描述
我有,我需要检查并确定它们是否符合默认3 4规则AD的密码列表。
规则是包含3的4以下要求: 小写字母(A-Z) 大写字母(A-Z) 数字(0-9) 特殊字符(!@#$%^&放大器; *()_ + =)
我仍然在学习正则表达式。我知道如何只能选择那些符合任意一个字符的情况下,但我不知道该怎么办3 4。
作为一个侧面说明,AD复杂性有两个细微之处是很重要的(但在对原来的问题范围内)。
这实在是3 5。五是统一code字符。善待与更新的正则表达式。
另外就是你不能在整个sAMAccountName赋值的密码(不区分大小写),也不如果拆分DisplayName值到令牌拆分后空格,逗号,破折号,下划线,英镑,管道和其他东西这些令牌( 3个字符和更长),无法在整个的密码,不区分大小写。
如果你真的想要一个大的正则表达式将是这样的:
<$p$p><$c$c>(?=^.{8,255}$)((?=.*\d)(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[^A-Za-z0-9])(?=.*[a-z])|(?=.*[^A-Za-z0-9])(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[A-Z])(?=.*[^A-Za-z0-9]))^.*请注意,它也加强了密码长度为8到255个字符之间。您可以在首节改变{8255}部分来调节长度的要求。还值得一提的是,这是为我工作在一个标准的ASP.NET RegularEx pressionValidator 控制。
比赛:PASSW0RDPASSW @ RD1B2a345 @#$%
不匹配:123123123,密码,航空自卫队和放大器;放大器;
来源(通过RegExLib.com马修·哈扎德)
I have a list of passwords that I need to examine and determine if they meet the default 3 of 4 rule for AD.
Rule is contain 3 of the 4 following requirements: lower case character (a-z) upper case character (A-Z) numeric (0-9) special character ( !@#$%^&*()_+= )
I am still learning Regex. I know how to select only those that meet any one character case, but I am not sure how to do 3 of 4.
As a side note, the AD Complexity has two more subtleties that are important (but out of scope of the original question).
It is really 3 of 5. The fifth is Unicode character. Be nice to update the Regex with that.
The other is you cannot have the sAMAccountName value in whole in the password (case insensitive), nor if you split the displayName value into tokens split upon space, comma, dash, underscore, pound, pipe and something else those tokens (3 chars and longer) cannot be in whole in the password, case insensitive.
If you really want one big regex it would be something like this:
(?=^.{8,255}$)((?=.*\d)(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[^A-Za-z0-9])(?=.*[a-z])|(?=.*[^A-Za-z0-9])(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[A-Z])(?=.*[^A-Za-z0-9]))^.*
Note that it also enforces password length to be between 8 and 255 characters. You can change the "{8,255}" portion in the first section to adjust the length requirements. It is also worth noting that this is working for me in a standard ASP.NET RegularExpressionValidator control.
Matches: "Passw0rd" "passW@rd" "1B2a345@#$%"
Non-Matches: "123123123" "Password" "asdf&"
Source (Matthew Hazzard via RegExLib.com)
这篇关于正则表达式验证Active Directory中的默认密码复杂的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
