I want to allow the user to enter her own username and password.
I want to validate the password the way lots of programs do.... that it has
to be:
- 6 or more characters.
- must be at least one upper and one lower case letter in the password.
- must be at least one number in the password.
Does anyone know where I can find a script to do this validation or something
similar. I'm just too lazy, busy, to write one and there is no use to
re-invent the wheel as I'm sure someone out there has such a beast.
Thanks,
Al
7  4805 
Hi Al!
On Sun, 21 Sep 2003 20:07:00 GMT, "Adams-Blake Co."
<at************@adams.takeme.out.-blake.com> wrote: I want to allow the user to enter her own username and password.
I want to validate the password the way lots of programs do.... that it has
to be:
- 6 or more characters.
- must be at least one upper and one lower case letter in the password.
- must be at least one number in the password.
Does anyone know where I can find a script to do this validation or something
similar. I'm just too lazy, busy, to write one and there is no use to
re-invent the wheel as I'm sure someone out there has such a beast.
Just if you have access to your server: Use the crack extension, which
checks the password against a dictionary.
HTH, Jochen
--
Jochen Daum - CANS Ltd.
PHP DB Edit Toolkit -- PHP scripts for building
database editing interfaces. http://sourceforge.net/projects/phpdbedittk/
Jochen Daum wrote: Hi Al!
On Sun, 21 Sep 2003 20:07:00 GMT, "Adams-Blake Co."
<at************@adams.takeme.out.-blake.com> wrote:
I want to allow the user to enter her own username and password.
I want to validate the password the way lots of programs do.... that it has
to be:
- 6 or more characters.
- must be at least one upper and one lower case letter in the password.
- must be at least one number in the password.
Does anyone know where I can find a script to do this validation or
something similar. I'm just too lazy, busy, to write one and there is no use
to re-invent the wheel as I'm sure someone out there has such a beast.
Just if you have access to your server: Use the crack extension, which
checks the password against a dictionary.
HTH, Jochen
I don't want to CRACK anything, I just want to make sure the user has a
"secure" password as possible. Is there a better way to generate a secure
password besides a 50 character string of gibberish?
Al
Hi AI! I want to allow the user to enter her own username and password.
I want to validate the password the way lots of programs do.... that it has
to be:
- 6 or more characters.
- must be at least one upper and one lower case letter in the password.
- must be at least one number in the password.
Does anyone know where I can find a script to do this validation or
something similar. I'm just too lazy, busy, to write one and there is no use
to re-invent the wheel as I'm sure someone out there has such a beast.
Just if you have access to your server: Use the crack extension, which
checks the password against a dictionary.
HTH, Jochen
I don't want to CRACK anything, I just want to make sure the user has a
"secure" password as possible. Is there a better way to generate a secure
password besides a 50 character string of gibberish?
The crack extension doesn't crack anything. What it does is checking
the password against a dictionary. This is good, because hackers will
have the same dictionary at hand to crack your password. HAve a look
at the extension, its very good!
It seems to be weak on passwords longer than 12 characters though,
thats maybe due to some maths inside.
Jochen
Al
--
Jochen Daum - CANS Ltd.
PHP DB Edit Toolkit -- PHP scripts for building
database editing interfaces. http://sourceforge.net/projects/phpdbedittk/
"Adams-Blake Co." <at************@adams.takeme.out.-blake.com> writes: - 6 or more characters.
- must be at least one upper and one lower case letter in the password.
- must be at least one number in the password.
I don't want to CRACK anything, I just want to make sure the user has a
"secure" password as possible. Is there a better way to generate a secure
password besides a 50 character string of gibberish?
A 60 character string of gibberish?
More seriously
if (strlen($pwd) >= 6 && ereg("[A-Z]",$pwd) && ereg("[a-z]",$pwd)
&& ereg("[0-9]",$pwd)) {
// okay (but do the dictionary check with 'crack' too, if you can)
} else {
// reject
}
--
Chris
Chris Morris wrote: "Adams-Blake Co." <at************@adams.takeme.out.-blake.com> writes: >>- 6 or more characters.
>>
>>- must be at least one upper and one lower case letter in the password.
>>
>>- must be at least one number in the password.
I don't want to CRACK anything, I just want to make sure the user has a
"secure" password as possible. Is there a better way to generate a secure
password besides a 50 character string of gibberish?
A 60 character string of gibberish?
More seriously
if (strlen($pwd) >= 6 && ereg("[A-Z]",$pwd) && ereg("[a-z]",$pwd)
&& ereg("[0-9]",$pwd)) {
// okay (but do the dictionary check with 'crack' too, if you can)
} else {
// reject
}
Hey, thanks. I was expecting two pages of code with a ton of "if" loops and
substring compares. I really have to learn the "erge" command. I've never
understood it but it sure comes in handy.
As for "crack" to the best of my knowledge my ISP does not provide it as I
did a phpinfo() and did not see anything about it being loaded. I'll try a
piece of code and see what happens when I get a chance.
Thanks again for the ereg!
Al
I noticed that Message-ID: <87************@dinopsis.dur.ac.uk> from Chris
Morris contained the following: if (strlen($pwd) >= 6 && ereg("[A-Z]",$pwd) && ereg("[a-z]",$pwd)
&& ereg("[0-9]",$pwd)) {
// okay (but do the dictionary check with 'crack' too, if you can)
Correct me if I'm wrong, but I don't know too many dictionary words with
numbers in them. Would crack have common substitutions as well (e.g
BA1100N).
--
Geoff Berrow
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/
Hi Geoff!
On Mon, 22 Sep 2003 20:53:19 +0100, Geoff Berrow
<bl@ckdog.co.uk.the.cat> wrote: I noticed that Message-ID: <87************@dinopsis.dur.ac.uk> from Chris
Morris contained the following:
if (strlen($pwd) >= 6 && ereg("[A-Z]",$pwd) && ereg("[a-z]",$pwd)
&& ereg("[0-9]",$pwd)) {
// okay (but do the dictionary check with 'crack' too, if you can)
Correct me if I'm wrong, but I don't know too many dictionary words with
numbers in them. Would crack have common substitutions as well (e.g
BA1100N).
It does stuff like that, but I don't know what and to which extend.
Jochen
--
Jochen Daum - CANS Ltd.
PHP DB Edit Toolkit -- PHP scripts for building
database editing interfaces. http://sourceforge.net/projects/phpdbedittk/ This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: D. Alvarado |
last post by:
What recommendations do you have about how to validate web pages that
are password protected, short of saving the page, uploading it to a
public server, and then running it through a validator?
...
|
by: Karl Burrows |
last post by:
Here's a simple script I have pulled from various sources and wondered if
there was a way to improve it. First, if the type the wrong password, I
would like to redirect them to another login page...
|
by: Skeets |
last post by:
i have an application that should allow acces to linux administrators
only.
iow, i want to code a php script that will be able to compare the
entered password with the linux adminstrator's...
|
by: CK |
last post by:
Hello All,
I have a page with a text box. It has a required field validator, and a
regualur expression validator tied to it. A valid email is required. When
clientside is enabled it works...
|
by: Vadim |
last post by:
Hi!
I am looking for HTML validator with the following restrictions:
1. Web server is the localhost (page should be validated locally).
2. The page is dynamic (generated by PHP with client side...
| | |
by: Jon Paal |
last post by:
when user loses their password, the membership module emails a new password , the format is very complex.
how can I set the format to be simple alphanumeric - say 7 characters long ?
|
by: timw.google |
last post by:
Hi
I want to write a python script that runs rsync on a given directory
and host. I build the command line string, but when I try to run
subprocess.call(cmd), or p=subprocess.Popen(cmd,...
|
by: Prisoner at War |
last post by:
Actually, it doesn't have to be a blockquote...but I'm at my wits'
end: I want to make bold several lines of text which have a pair of
<br /tags between them...seems like the <b></bdo not "carry...
|
by: ahilar12 |
last post by:
hi all,
i wanted to check whether the password entered matches with the confirm password.either through javascript or through php.i have enclosed my code somebody help on this
<html>
...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
| | |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated ...
| | |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
