How to validate password strength in PHP
Today, we’ll explain to you how to validate password strength in PHP. It is very useful to check that the password is strong which protects the user accounts and prevents hacking.
Using regular expressions, we will validate the password strength in PHP.
Check the following points to validate the password strength
- Password must be a minimum of 8 characters
- Password must contain at least 1 number
- Password must contain at least one uppercase character
- Password must contain at least one lowercase character
- Password must contain at least one special character
In the code below, we will use the PHP function preg_match() to check if the password matches the defined pattern.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 | <?php $password = $_POST['password']; $number = preg_match('@[0-9]@', $password); $uppercase = preg_match('@[A-Z]@', $password); $lowercase = preg_match('@[a-z]@', $password); $specialChars = preg_match('@[^\w]@', $password); if(strlen($password) < 8 || !$number || !$uppercase || !$lowercase || !$specialChars) { echo "Password must be at least 8 characters in length and must contain at least one number, one upper case letter, one lower case letter and one special character."; } else { echo "Your password is strong."; } ?> |
Example
Let’s take an example to check the output. Use the above code with the HTML as below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 | <?php $msg=""; if(isset($_POST['password'])) { $password = $_POST['password']; $number = preg_match('@[0-9]@', $password); $uppercase = preg_match('@[A-Z]@', $password); $lowercase = preg_match('@[a-z]@', $password); $specialChars = preg_match('@[^\w]@', $password); if(strlen($password) < 8 || !$number || !$uppercase || !$lowercase || !$specialChars) { $msg = "Password must be at least 8 characters in length and must contain at least one number, one upper case letter, one lower case letter and one special character."; } else { $msg = "Your password is strong."; } } ?> <html> <head> <title>Validate password strength in PHP - Clue Mediator</title> </head> <body> <h3>Validate password strength - <a href="https://www.cluemediator.com/" target="_blank" rel="noopener noreferrer">Clue Mediator</a></h3> <form method="POST"> <input type="password" name="password" required /> <input type="submit" value="Check" /><br /> <span><?php echo $msg?></span> </form> </body> </html> |
We can also check the password strength in a single pattern with regex.
1 2 3 4 5 6 7 | <?php if (!preg_match("#.*^(?=.{8,20})(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*\W).*$#", $password)) { echo "Password must be at least 8 characters in length and must contain at least one number, one upper case letter, one lower case letter and one special character."; } else { echo "Your password is strong."; } ?> |
Output
Run the code and check the output in the browser.
That’s it for today.
Thank you for reading. Happy Coding..!!
+ for the post
Glad it helped!
Oh my goodness! Amazing article dude! Thanks, However I am encountering problems with your RSS. I don’t understand why I am unable to join it. Is there anybody else having the same RSS problems? Anyone that knows the solution will you kindly respond? Thanx!!