Checking Password Strength

J

Jay1b

Contributor
Joined
Aug 3, 2003
Messages
640
Location
Kent, Uk.
Could someone please enlighten me on what the best way to check password strength is?

The password in question must be at least 8 characters including at least 1 numeric and 1 non-alpha-numeric character.

I can compare the two passwords, but i dont know how to ensure each one is of a certain strength.

Thanks.
 
You could skip the regular expressions and just do what seems to me to be the simplest thing: check for each quality that you want in a password. Check if it is 8 chars long, then check if it contains a number and a non-alphanumeric.
Visual Basic: 
Function ValidatePassword(ByVal Password As String) As Boolean
    If Password.Length < 8 Then Return False
    'Too short
 
    Dim HasDigit As Boolean = False
    Dim HasNonAlphaNumeric As Boolean = False
 
    For Each c As Char In Password
       If Char.IsDigit(c) Then HasDigit = True
       If Not (Char.IsLetterOrDigit(c)) Then _
           HasNonAlphaNumeric = True
    Next
 
    Return HasDigit And HasNonAlphaNumeric
    'If it has both qualities, return true.
    'If not, the password is not strong enough.
End Function
For a really "strong" password, you could check to make sure that the password is not only eight characters long and has the two special characters, but also that it does not consist of only one normal (i.e. found in a dictionary) word and the special characters. In other words, remove the number and non-alphanumeric character, and compare with a dictionary (or spell checker). If you get a match from a dictionary, or a correctly spelled word from a spell checker, you have a mid-range strength password. If not, you have a very strong password.
 
Marble, thanks for that. I was going to originally code it like that, but i didnt know how to check for non-alpha-numeric characters.

Kejpa...ermmm... thanks for that...lol... Unfortunately i dont speak Swedish :(
 
Back
Top