in reply to Efficient way to verify scalar contents
See also How to ask better questions using Test::More and sample data. You can do it all in a single regex, see perlretut (and perlre) in regards to alternations, character classes, and lookaheads. However, perhaps my test cases below will give a hint that these password rules aren't necessarily good indicators of password quality; perhaps use one of the other established methods like Data::Password::zxcvbn instead. If this happens to be for a website, note there's also a JavaScript version of the "zxcvbn" algorithm that allows you to give live feedback to the user when and why a password isn't good, so they can know while choosing one; of course it should still be verified on the server in case they have JS disabled.
Update: Note that given/when are unforunately still experimental, in this case I'd suggest normal ifs instead.
Update 2: The talk on the library is great: https://youtu.be/vf37jh3dV2I (even just the first five minutes on the issues)
Update 3: A slightly optimized version of the regex below, that turns out to be pretty fast:
my $pw_re = qr{ \A (?: .{20,} | (?=.*[a-z]) (?=.*[A-Z]) (?: .{16,19} | (?=.*[0-9]) (?: .{12,15} | (?=.*[\x21-\x2F\x3A-\x40\x5B-\x60\x7B-\x7E]) .{8,11} ) ) ) \z }msx;
Original code:
use warnings; use strict; my $pw_re = qr{ \A (?: .{20,} | (?=.*[a-z]) (?=.*[A-Z]) .{16,19} | (?=.*[a-z]) (?=.*[A-Z]) (?=.*[0-9]) .{12,15} | (?=.*[a-z]) (?=.*[A-Z]) (?=.*[0-9]) (?=.*[\x21-\x2F\x3A-\x40\x5B-\x60\x7B-\x7E]) .{8,11} ) \z }msx; use Test::More; unlike '', $pw_re; unlike 'aA0-', $pw_re; unlike 'aA0-aA0', $pw_re; like 'aA0-aA0-', $pw_re; like 'aaaaaA0-', $pw_re; like 'aaaaaaaaA0-', $pw_re; unlike 'aaaaaaaaa0-', $pw_re; unlike 'aaaaaaaaAA-', $pw_re; unlike 'AAAAAAAAA0-', $pw_re; unlike 'aaaaaaaaA00', $pw_re; like 'aaaaaaaaaaA0', $pw_re; like 'aaaaaaaaa-A0', $pw_re; like 'aaaaaaaaaaaaaA0', $pw_re; unlike 'aaaaaaaaaaaaaaA', $pw_re; unlike 'aaaaaaaaaaaaaa0', $pw_re; unlike 'AAAAAAAAAAAAAA0', $pw_re; unlike 'aaaaaaaaaaaaa-A', $pw_re; unlike 'aaaaaaaaaaaaa-0', $pw_re; like 'aaaaaaaaaaaaaaaA', $pw_re; like 'aaaaaaaaaaaaaa0A', $pw_re; like 'aaaaaaaaaaaaa-0A', $pw_re; like 'aaaaaaaaaaaaaaaaaaA', $pw_re; unlike 'aaaaaaaaaaaaaaaaaaa', $pw_re; unlike 'AAAAAAAAAAAAAAAAAAA', $pw_re; unlike 'aaaaaaaaaaaaaaaaaa0', $pw_re; unlike 'aaaaaaaaaaaaaaaaaa-', $pw_re; like 'aaaaaaaaaaaaaaaaaaaa', $pw_re; like 'aaaaaaaaaaaaaaaaaA0-', $pw_re; like 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa', $pw_re; done_testing;
|
---|
Replies are listed 'Best First'. | |
---|---|
Re^2: Efficient way to verify scalar contents (updated x3)
by ikegami (Patriarch) on Jun 23, 2020 at 18:28 UTC | |
by ikegami (Patriarch) on Jun 23, 2020 at 18:35 UTC | |
by Anonymous Monk on Jun 23, 2020 at 19:29 UTC |