question

Jackson1990-7147 avatar image
0 Votes"
Jackson1990-7147 asked LanHuang-MSFT answered

Password issue in C#

Hi,
It does fall into the If condition below, when I have "H6666661_" as the value passed to it. Why?

         *var password = (value == null) ? string.Empty : value.ToString();
             var pattern = new Regex("((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[@#$%]).{6,20})");
             if (!pattern.IsMatch(password))
             {*

dotnet-csharpdotnet-aspnet-generaldotnet-aspnet-webpages
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

LanHuang-MSFT avatar image
0 Votes"
LanHuang-MSFT answered

Hi @Jackson1990-7147,
You can refer to the following code, which is easier to understand when written separately.
The length of the string must be between 8 and 15 characters. String must contain at least one number, at least one uppercase letter, at least one lowercase letter, and at least one special character.

  private bool ValidatePassword(string password, out string ErrorMessage)
         {
             var input = password;
             ErrorMessage = string.Empty;
    
             if (string.IsNullOrWhiteSpace(input))
             {
                 throw new Exception("Password should not be empty");
             }
    
             var hasNumber = new Regex(@"[0-9]+");
             var hasUpperChar = new Regex(@"[A-Z]+");
             var hasMiniMaxChars = new Regex(@".{8,15}");
             var hasLowerChar = new Regex(@"[a-z]+");
             var hasSymbols = new Regex(@"[!@#$%^&*()_+=\[{\]};:<>|./?,-]");
    
             if (!hasLowerChar.IsMatch(input))
             {
                 ErrorMessage = "Password should contain at least one lower case letter.";
                 return false;
             }
             else if (!hasUpperChar.IsMatch(input))
             {
                 ErrorMessage = "Password should contain at least one upper case letter.";
                 return false;
             }
             else if (!hasMiniMaxChars.IsMatch(input))
             {
                 ErrorMessage = "Password should not be lesser than 8 or greater than 15 characters.";
                 return false;
             }
             else if (!hasNumber.IsMatch(input))
             {
                 ErrorMessage = "Password should contain at least one numeric value.";
                 return false;
             }
    
             else if (!hasSymbols.IsMatch(input))
             {
                 ErrorMessage = "Password should contain at least one special case character.";
                 return false;
             }
             else
             {
                 return true;
             }
         }

Best regards,
Lan Huang


If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Paul-5034 avatar image
0 Votes"
Paul-5034 answered Paul-5034 commented

It's not matching because the second group doesn't match the input string. The first one does (?=.*\d). This matches the start of the string, not the first character, because nothing precedes the opening parenthesis. It checks the pattern of anything followed by a digit, which matches H6666661 (without the underscore)

The positive lookahead doesn't consume the characters it's looking ahead to, so it'll start from the beginning again with the next lookahead (?=.*[a-z]). This doesn't match because you're trying to match anything followed by a lowercase alphabetic character. Your sequence starts with an uppercase alphabetic character, but that's being matched against the .* (along with every proceeding character,) and there's no lowercase alphabetic character in the string at all.

It's easier to test this with a regex evaluation tool like regex101.com to see what's going on: https://regex101.com/r/bvVDmh/1

Also in your C# if you prefix your pattern string with @ then you don't have to escape any characters like you're doing with \\d, for example:

new Regex(@"...


That way you can copy between your code and regex101.com without having to remove the escape characters.

· 8
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi,
How to adjust the code? I put like "3h666661_" as the password, and it is still not OK.

0 Votes 0 ·
Paul-5034 avatar image Paul-5034 Jackson1990-7147 ·

Do you have an expected password format or are you just trying to find a password that matches?

0 Votes 0 ·

Hi,
I want to know which pattern will fit it.

0 Votes 0 ·
Show more comments