Simple password construct validator for PHP
<?php | |
/* | |
* Simple password construct validator for PHP | |
* Joaquim Homrighausen <joho@webbplatsen.se> | |
* May 30, 2019 | |
* TEAMYUJO | |
* | |
* Do whatever you want with this snippet :) | |
* | |
* This may not necessarily agree with the section | |
* "Strength of Memorized Secrets" in the document | |
* from NIST: | |
* | |
* NIST Special Publication 800-63B | |
* Digital Identity Guidelines | |
* Authentication and Lifecycle Management | |
* https://pages.nist.gov/800-63-3/sp800-63b.html | |
*/ | |
function password_check_construct ($pstr, $min_length = 8) | |
{ | |
//Setup pattern and stuff minimum requested length into it | |
if ($min_length < 4) { | |
//We need at least four characters to satisfy our regexp | |
$min_length = 4; | |
} | |
$match_rules = '/^(?=.{'.(int)$min_length.',})(?=.*[a-z])(?=.*[0-9])(?=.*[A-Z])(?=.*[[:punct:]]).*$/'; | |
//Require at least one a-z, one A-z, one 0-9, and one punctuation/special character | |
if (preg_match ($match_rules, $pstr) === 1) { | |
return (true); | |
} | |
return (false); | |
} | |
?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment