Password Policy Advanced Regex

tannerro
Tera Contributor

 

For anyone looking for an advanced password policy.

 

 

 

//ADD RULES LIKE THIS 'var rule1 = {'hint': gs.getMessage('Minimum 8 characters'),'regex':'^.{8,}$'};' 
//AND PUSH THEM IN THE RULES ARRAY FOR ADDING NEW RULES.  
(function executePasswordRuleScript() { 
var rules = new Array(); 
var rule1 = {'hint': gs.getMessage('Minimum 9 characters'),'regex':'^.{9,}$'}; 
var rule2 = {'hint': gs.getMessage('Minimum 1 lowercase character'),'regex':'((.*?[a-z]).*?)'};
var rule3 = {'hint': gs.getMessage('Minimum 1 uppercase character'),'regex':'((.*?[A-Z]).*?)'}; 
var rule4 = {'hint': gs.getMessage('Minimum 1 number'),'regex':'((.*?[0-9]).*?)'};  
var rule5 = {'hint': gs.getMessage('Minimum 1 special character'),'regex': '((.*?[@$#!%^&*]).*?)'};
var rule6 = {'hint': gs.getMessage('Maximum 100 characters'),'regex':'^.{0,100}$'}; 
var rule7 = {'hint': gs.getMessage('Do not include "rest" or "super"'),'regex': '(?i)^((?!foo|bar).)*$'}; 
rules.push(rule1, rule2, rule3, rule4, rule5, rule6, rule7); 
return rules; 
})(); 

 

 

 

in particular rule 7 to exclude any passwords that contain certain words (foo or bar). This behaves differently to the excluded password list of direct matches.

 

Tip:

using a tool like https://regex101.com/ (Select the Java 8 interpretation mode ('flavor'))
0 REPLIES 0