CGI/Perl Guide | Learning Center | Forums | Advertise | Login
Site Search: in

  Main Index MAIN
INDEX
Search Posts SEARCH
POSTS
Who's Online WHO'S
ONLINE
Log in LOG
IN

Home: Perl Programming Help: Regular Expressions:
Password verification.

 



patk
Deleted

Jul 27, 2000, 12:15 PM

Post #1 of 5 (2994 views)
Password verification. Can't Post

Hello,
I'm trying to make sure that a password
from my input meets these UNIX rules:
1) Contains enought different charecters, i.e. NOT patkpatk or something repeated.
2) Contains atleast one number and one capital letter.
3) Has atleast 8 charecters.

I've never tried to do an expression like
this but I've seen it done before with perl (I've never got to see the source code :-( ..)
an example of an exceptable password is something like
==========
Patkrules9
==========
I wouldn't bother but my UNIX host demands it for userid's.
My current source code (Missing the most important part! The expression)
is below if it's any help.
========================================================
#!/usr/bin/perl
require "cgi-lib.pl";
&ReadParse;
$username = $in{'username'};
$password = $in{'password'};
if ($password =~ /\|/) {
print "Content-type:text/html\n\n";
print "The password you entered ($password) contains an invalid charecter. ";
print "Press your back button to correct the problem.";
exit;}

# Here I need the expression!
if ($password =~ /\|/CONTAINS/ERRORS/AS/STATED/ABOVE) {
print "Content-type:text/html\n\n";
print "The password you entered ($password) does not";
print "meet the standard UNIX rules:<br>1) It must contain one capital";
print " letter and one number.<br>2) Nothing repeated like user+user.<br>";
print "3) It must be atleast 8 charecters long. Press your back button to";
print " correct the problem.";
exit;}

&do_succesful_stuff;
=============================================================

This is pretty urgent so I would really appreciate the help!
Pat Kenyon
patk@self-made-man.com


perlkid
stranger

Jul 28, 2000, 12:17 AM

Post #2 of 5 (2994 views)
Re: Password verification. [In reply to] Can't Post

 
This will check for everything except for repeating words.

$password = "02Perlkid";
# Must have both cases
if ($password =~ /[A-Z][a-z]/){}
else
{
print "Your Passord Must Contain At Least one upper case character.<br>";
}
#This Will check for the length. Less Than 8 is Not Accepted
if (length($password) < 8)
{
print "Your Password must be at least 8 characters long.<br>";
}
# Must have at least one number
if ($password =~ /[0-9]/){}
else
{
print "Your Passord Must Contain At Least one numerical character.";
}

perlkid


mckhendry
Deleted

Jul 28, 2000, 7:26 AM

Post #3 of 5 (2994 views)
Re: Password verification. [In reply to] Can't Post

perlkid, your first regex won't match a password like 'h54sdkhA' or 'A573h3A7' because you restrict the order to be an uppercase immediately followed by a lowercase. If you add an OR to the condition that allows for a lowercase eventually followed by an uppercase, and change the regex so it doesn't force the uppercase to be immediately followed by a lowercase, but eventually followed, you'll be ok.

if ($password =~ /[A-Z][^a-z]*[a-z]/ &#0124; &#0124; $password =~ /[a-z][^A-Z]*[A-Z]/){}

Actually, nevermind the above condition, this is probably more efficient:

if ($password =~ /[A-Z]/ && $password =~ /[a-z]/) {}

[This message has been edited by mckhendry (edited 07-28-2000).]


Kanji
User / Moderator

Jul 28, 2000, 9:10 AM

Post #4 of 5 (2994 views)
Re: Password verification. [In reply to] Can't Post

<BLOCKQUOTE><font size="1" face="Arial,Helvetica,sans serif">code:</font><HR>

for ( $password ) {
length > 8 or die "Not long enough\n";


/[A-Z]/ or die "Must contain at least one capital\n";
/[a-z]/ or die "Must contain at least one lower\n";
/[0-9]/ or die "Must contain at least one number\n";


/(.)\1\1/ and die "$1 is repeated too many times\n";
/(.{2,}).*\1/ and die "$1 is repeated too many times\n";
}</pre><HR></BLOCKQUOTE>

In the above, the first repetition check disallows antyhing with three identical and consecutive characters. Add or remove more \1's if you prefer that limit be higher or lower.

Similiarly, the second repetition check disallows anything that contains duplicate strings of two or more characters. Increase or decrease the number 2 to raise or drop the minimum number of characters you consider to be a string. ie, {3,} would be three or more, etc.


perlkid
stranger

Jul 28, 2000, 2:05 PM

Post #5 of 5 (2994 views)
Re: Password verification. [In reply to] Can't Post

 
Thanks For The Correction mckhendry,

I didn't catch that.

perlkid Smile

 
 


Search for (options) Powered by Gossamer Forum v.1.2.0

Web Applications & Managed Hosting Powered by Gossamer Threads
Visit our Mailing List Archives