See also How to ask better questions using Test::More and sample data. You can do it all in a single regex, see perlretut (and perlre) in regards to alternations, character classes, and lookaheads. However, perhaps my test cases below will give a hint that these password rules aren't necessarily good indicators of password quality; perhaps use one of the other established methods like Data::Password::zxcvbn instead. If this happens to be for a website, note there's also a JavaScript version of the "zxcvbn" algorithm that allows you to give live feedback to the user when and why a password isn't good, so they can know while choosing one; of course it should still be verified on the server in case they have JS disabled.
Update: Note that given/when are unforunately still experimental, in this case I'd suggest normal ifs instead.
Update 2: The talk on the library is great: https://youtu.be/vf37jh3dV2I (even just the first five minutes on the issues)
Update 3: A slightly optimized version of the regex below, that turns out to be pretty fast:
my $pw_re = qr{ \A (?: .{20,} | (?=.*[a-z]) (?=.*[A-Z])
(?: .{16,19} | (?=.*[0-9]) (?: .{12,15}
| (?=.*[\x21-\x2F\x3A-\x40\x5B-\x60\x7B-\x7E]) .{8,11}
) ) ) \z }msx;
Original code:
use warnings;
use strict;
my $pw_re =
qr{ \A (?:
.{20,}
| (?=.*[a-z]) (?=.*[A-Z])
.{16,19}
| (?=.*[a-z]) (?=.*[A-Z]) (?=.*[0-9])
.{12,15}
| (?=.*[a-z]) (?=.*[A-Z]) (?=.*[0-9])
(?=.*[\x21-\x2F\x3A-\x40\x5B-\x60\x7B-\x7E])
.{8,11}
) \z }msx;
use Test::More;
unlike '', $pw_re;
unlike 'aA0-', $pw_re;
unlike 'aA0-aA0', $pw_re;
like 'aA0-aA0-', $pw_re;
like 'aaaaaA0-', $pw_re;
like 'aaaaaaaaA0-', $pw_re;
unlike 'aaaaaaaaa0-', $pw_re;
unlike 'aaaaaaaaAA-', $pw_re;
unlike 'AAAAAAAAA0-', $pw_re;
unlike 'aaaaaaaaA00', $pw_re;
like 'aaaaaaaaaaA0', $pw_re;
like 'aaaaaaaaa-A0', $pw_re;
like 'aaaaaaaaaaaaaA0', $pw_re;
unlike 'aaaaaaaaaaaaaaA', $pw_re;
unlike 'aaaaaaaaaaaaaa0', $pw_re;
unlike 'AAAAAAAAAAAAAA0', $pw_re;
unlike 'aaaaaaaaaaaaa-A', $pw_re;
unlike 'aaaaaaaaaaaaa-0', $pw_re;
like 'aaaaaaaaaaaaaaaA', $pw_re;
like 'aaaaaaaaaaaaaa0A', $pw_re;
like 'aaaaaaaaaaaaa-0A', $pw_re;
like 'aaaaaaaaaaaaaaaaaaA', $pw_re;
unlike 'aaaaaaaaaaaaaaaaaaa', $pw_re;
unlike 'AAAAAAAAAAAAAAAAAAA', $pw_re;
unlike 'aaaaaaaaaaaaaaaaaa0', $pw_re;
unlike 'aaaaaaaaaaaaaaaaaa-', $pw_re;
like 'aaaaaaaaaaaaaaaaaaaa', $pw_re;
like 'aaaaaaaaaaaaaaaaaA0-', $pw_re;
like 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa', $pw_re;
done_testing;
Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
Read Where should I post X? if you're not absolutely sure you're posting in the right place.
Please read these before you post! —
Posts may use any of the Perl Monks Approved HTML tags:
- a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
| |
For: |
|
Use: |
| & | | & |
| < | | < |
| > | | > |
| [ | | [ |
| ] | | ] |
Link using PerlMonks shortcuts! What shortcuts can I use for linking?
See Writeup Formatting Tips and other pages linked from there for more info.
