正则expression式validation密码强度

你可以使用积极的前瞻断言来做这些检查：

 ^(?=.*[AZ].*[AZ])(?=.*[!@#$&*])(?=.*[0-9].*[0-9])(?=.*[az].*[az].*[az]).{8}$ 

Rubular链接

说明：

 ^ Start anchor (?=.*[AZ].*[AZ]) Ensure string has two uppercase letters. (?=.*[!@#$&*]) Ensure string has one special case letter. (?=.*[0-9].*[0-9]) Ensure string has two digits. (?=.*[az].*[az].*[az]) Ensure string has three lowercase letters. .{8} Ensure string is of length 8. $ End anchor. 

您可以使用零长度的预测来单独指定每个约束条件：

 (?=.{8,})(?=.*\p{Lu}.*\p{Lu})(?=.*[!@#$&*])(?=.*[0-9])(?=.*\p{Ll}.*\p{Ll}) 

如果你的正则expression式引擎不支持\p表示法，纯ASCII就足够了，那么你可以用[AZ]replace\p{Lu} ，用[az]replace\p{Ll} 。

上面给出的答案是完美的，但我build议使用多个较小的正则expression式，而不是一个大的。
分割长正则expression式有一些优点：

• 易于书写和阅读
• 易于debugging
• 容易添加/删除部分正则expression式

通常这种方法保持代码易于维护 。

说了这么多，我分享了一段我在Swift编写的代码：

 struct RegExp { /** Check password complexity - parameter password: password to test - parameter length: password min length - parameter patternsToEscape: patterns that password must not contains - parameter caseSensitivty: specify if password must conforms case sensitivity or not - parameter numericDigits: specify if password must conforms contains numeric digits or not - returns: boolean that describes if password is valid or not */ static func checkPasswordComplexity(password password: String, length: Int, patternsToEscape: [String], caseSensitivty: Bool, numericDigits: Bool) -> Bool { if (password.length < length) { return false } if caseSensitivty { let hasUpperCase = RegExp.matchesForRegexInText("[AZ]", text: password).count > 0 if !hasUpperCase { return false } let hasLowerCase = RegExp.matchesForRegexInText("[az]", text: password).count > 0 if !hasLowerCase { return false } } if numericDigits { let hasNumbers = RegExp.matchesForRegexInText("\\d", text: password).count > 0 if !hasNumbers { return false } } if patternsToEscape.count > 0 { let passwordLowerCase = password.lowercaseString for pattern in patternsToEscape { let hasMatchesWithPattern = RegExp.matchesForRegexInText(pattern, text: passwordLowerCase).count > 0 if hasMatchesWithPattern { return false } } } return true } static func matchesForRegexInText(regex: String, text: String) -> [String] { do { let regex = try NSRegularExpression(pattern: regex, options: []) let nsString = text as NSString let results = regex.matchesInString(text, options: [], range: NSMakeRange(0, nsString.length)) return results.map { nsString.substringWithRange($0.range)} } catch let error as NSError { print("invalid regex: \(error.localizedDescription)") return [] } } } 

我会build议添加

 (?!.*pass|.*word|.*1234|.*qwer|.*asdf) exclude common passwords 

codaddict的解决scheme工作正常，但这是一个更高效：（Python语法）

 password = re.compile(r"""(?#!py password Rev:20160831_2100) # Validate password: 2 upper, 1 special, 2 digit, 1 lower, 8 chars. ^ # Anchor to start of string. (?=(?:[^AZ]*[AZ]){2}) # At least two uppercase. (?=[^!@#$&*]*[!@#$&*]) # At least one "special". (?=(?:[^0-9]*[0-9]){2}) # At least two digit. .{8,} # Password length is 8 or more. $ # Anchor to end of string. """, re.VERBOSE) 

否定的字符类在一个步骤中消耗所有的字符，需要零回溯。 （dot star解决scheme工作得很好，但是需要一些回溯。）当然，对于诸如密码之类的短目标string，这种效率改进将是微不足道的。