Created
May 30, 2019 09:03
-
-
Save joho1968/3758dfbb1adf18d8f05bab37bbffcff6 to your computer and use it in GitHub Desktop.
Simple password construct validator for PHP
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /* | |
| * Simple password construct validator for PHP | |
| * Joaquim Homrighausen <[email protected]> | |
| * May 30, 2019 | |
| * TEAMYUJO | |
| * | |
| * Do whatever you want with this snippet :) | |
| * | |
| * This may not necessarily agree with the section | |
| * "Strength of Memorized Secrets" in the document | |
| * from NIST: | |
| * | |
| * NIST Special Publication 800-63B | |
| * Digital Identity Guidelines | |
| * Authentication and Lifecycle Management | |
| * https://pages.nist.gov/800-63-3/sp800-63b.html | |
| */ | |
| function password_check_construct ($pstr, $min_length = 8) | |
| { | |
| //Setup pattern and stuff minimum requested length into it | |
| if ($min_length < 4) { | |
| //We need at least four characters to satisfy our regexp | |
| $min_length = 4; | |
| } | |
| $match_rules = '/^(?=.{'.(int)$min_length.',})(?=.*[a-z])(?=.*[0-9])(?=.*[A-Z])(?=.*[[:punct:]]).*$/'; | |
| //Require at least one a-z, one A-z, one 0-9, and one punctuation/special character | |
| if (preg_match ($match_rules, $pstr) === 1) { | |
| return (true); | |
| } | |
| return (false); | |
| } | |
| ?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment