Software/Scripts How to Validate Password Strength in PHP?

emailx45

emailx45

Social Engineer
Joined
May 5, 2008
Messages
2,387
Reaction score
2,149
How to Validate Password Strength in PHP?
[SHOWTOGROUPS=4,20]
When the user provides their account password, it always recommended validating the input.

Password strength validation is very useful to check whether the password is strong.

Strong password makes the user’s account secure and helps to prevent account hack.

Using Regex (Regular Expression), you can easily validate the password strength in PHP.

In the example code, we will show you how to check password strength and validate a strong password in PHP using Regex.

The following code snippet, validate the password using preg_match() function in PHP with Regular Expression, to check whether it is strong and difficult to guess.
  • Password must be at least 8 characters in length.
  • Password must include at least one upper case letter.
  • Password must include at least one number.
  • Password must include at least one special character.
Code: 
// Given password
$password = 'user-input-pass';

// Validate password strength
$uppercase = preg_match('@[A-Z]@', $password);
$lowercase = preg_match('@[a-z]@', $password);
$number = preg_match('@[0-9]@', $password);
$specialChars = preg_match('@[^\w]@', $password);

if(!$uppercase || !$lowercase || !$number || !$specialChars || strlen($password) < 8) {
echo 'Password should be at least 8 characters in length and should include at least one upper case letter, one number, and one special character.';
}else{
echo 'Strong password.';
}

[/SHOWTOGROUPS]
 
K

kivok

Member
Joined
May 22, 2011
Messages
5
Reaction score
0
"Dude, I'd recommend using a library like Password_Generate or PHPass for this. They've got good methods for generating and validating strong passwords, plus they help prevent rainbow table attacks. Save yourself the headache"
 
С

Слава010

New member
Joined
Feb 25, 2011
Messages
1
Reaction score
0
"Dude, for password strength validation in PHP, I use a library like PasswordValidator. It comes with built-in rules for password complexity, length, and more. Makes life way easier than rolling your own validation logic"
 
P

pro100masha

New member
Joined
Apr 25, 2009
Messages
4
Reaction score
0
"Hey guys, I just use the built-in password_verify() function in PHP 7+ for password validation, then also check the password length to ensure it's strong enuf (at least 12 chars). You can also use a library like password_hash to create and verify passwords securely. Anyone else got a fave method?"
 
You must log in or register to reply here.
Top