Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Simple password construct validator for PHP
<?php
/*
* Simple password construct validator for PHP
* Joaquim Homrighausen <joho@webbplatsen.se>
* May 30, 2019
* TEAMYUJO
*
* Do whatever you want with this snippet :)
*
* This may not necessarily agree with the section
* "Strength of Memorized Secrets" in the document
* from NIST:
*
* NIST Special Publication 800-63B
* Digital Identity Guidelines
* Authentication and Lifecycle Management
* https://pages.nist.gov/800-63-3/sp800-63b.html
*/
function password_check_construct ($pstr, $min_length = 8)
{
//Setup pattern and stuff minimum requested length into it
if ($min_length < 4) {
//We need at least four characters to satisfy our regexp
$min_length = 4;
}
$match_rules = '/^(?=.{'.(int)$min_length.',})(?=.*[a-z])(?=.*[0-9])(?=.*[A-Z])(?=.*[[:punct:]]).*$/';
//Require at least one a-z, one A-z, one 0-9, and one punctuation/special character
if (preg_match ($match_rules, $pstr) === 1) {
return (true);
}
return (false);
}
?>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.