Regular Expression (Big Problem)

vinod_yadav1919 · October 27th, 2004, 11:56 PM

i want to put following constraints for password validations using regular Expression:
1)IT should start from 2 lower case letters(non consecutive)
2)after that it must contain 2 same numbers.
3)after that it must contain 3 Capital Letters which should be same
4)then any (letter or number) for next two positions
e.g. vn55CCCxy or pn88AAAab or km99BBB99

pgtips · October 28th, 2004, 04:21 AM

Try this one
^([a-z])(?!\1)[a-z]([0-9])\2([A-Z])\3\3[a-zA-Z0-9]{2}$

I'll break it down for you:
([a-z])(?!\1)[a-z] checks for 2 lower case letters, but not repeated
([0-9])\2 checks for 2 same numbers
([A-Z])\3\3 checks for 3 same capital letters
[a-zA-Z0-9]{2} allows any letter or number for last 2 positions

hth
Phil

joefawcett · October 28th, 2004, 04:53 AM

Quote:

quote:Originally posted by pgtips
Try this one
^([a-z])(?!\1)[a-z]([0-9])\2([A-Z])\3\3[a-zA-Z0-9]{2}$

I'll break it down for you:
([a-z])(?!\1)[a-z] checks for 2 lower case letters, but not repeated
([0-9])\2 checks for 2 same numbers
([A-Z])\3\3 checks for 3 same capital letters
[a-zA-Z0-9]{2} allows any letter or number for last 2 positions

hth
Phil

Very good. Aside from the odd initial requirement if this were to be used client side how many browsers support the (?!) syntax? My machine did but some of the older set ups at work didn't like it.

--

Joe

pgtips · October 28th, 2004, 05:16 AM

Hi Joe,

I didn't know there was a problem with using js support for negative lookaheads.

You're right about the odd initial requirement though. IMO if you think you're getting good security by asking users to create an awkward password like this then they'll just write it down!

rgds
Phil

joefawcett · October 28th, 2004, 05:51 AM

Quote:

quote:Originally posted by pgtips
Hi Joe,

I didn't know there was a problem with using js support for negative lookaheads.

I'll test some more...

Quote:

quote:
You're right about the odd initial requirement though. IMO if you think you're getting good security by asking users to create an awkward password like this then they'll just write it down!

rgds
Phil

Well with the repetitions the password is actually aa1B?? which has a lot lower entropy, even more so as the first two letters are different. More like a product code...

--

Joe

vinod_yadav1919 · November 3rd, 2004, 03:07 AM

Hii Phil

Many Many thanks to you for providing the answer.I still have some confusion.

I have keen interest to work more on Regular Expression,Sometimes I get confuse for Back References and grouping.
so how can we write regular expression for three characters that must be different usinig backreferences??
like--abd and acd but not the aba ,acc etc.
I mean sencond and third character should not be matched with previous characters.
Awaiting for your reply
Thanks to You

vinod

vinod_yadav1919 · November 3rd, 2004, 05:24 AM

Hii Phil
I got the solution

Expression1=/^([a-z])(?!\1)([a-z])(?!\2)(?!\1)([a-z])$/ which is same as the answer given by you .
Expression2=/^([a-z])(?!\1)[a-z]([0-9])\2([A-Z])\3\3[a-zA-Z0-9]{2}$/

I have one silly question and need answer from You.

I used your ([a-z])(?!\1)[a-z] checks for 2 lower case letters, but not repeated

but when i use the regular expression
Expression3=/^([a-z])(?!\1)[a-z]$/ its not working to check 2 lower case letters butnot repeated

instead of
Expression4=/^([a-z])(?!\1)([a-z])$/ is working correctly.

Would u tell me there is no grouping of [a-z] after ur (?!\1) and still working in that case.
But when i use your expression in Expression3 it's not working.
While Expression4 is working correctly.

Please Give me the answer in detail if possible.
Thanks in Advance!!!

vinod