Thursday, April 09, 2009

How to implement Complex Password Validity Tester?

How to implement Complex Password Validity Tester?

This can be implemented by using JavaScript code to force passwords to be a combination of alphabets and numbers and force range of characters.

The below code makes sure that user enters combination of alphanumeric data and check for minimum number of chars. It checks for at least one alphabetic char, special char and one numeric chars.

<html>
<head>
<script language="javascript">
function Search_Array(ArrayObj, SearchFor){
var Found = false;
for (var i = 0; i < ArrayObj.length; i++){
if (ArrayObj[i] == SearchFor){
return true;
var Found = true;
break;
}
else if ((i == (ArrayObj.length - 1)) && (!Found)){
if (ArrayObj[i] != SearchFor){
return false;
}
}
}
}

function isAlphabeticSequence (passwdString) {

var i="0",
lower = "abcdefghijklmnopqrstuvwxyz",
upper = lower.toUpperCase(),
numbers = "0123456789",
badSequenceLength = 3,
noQwertySequences = true,
qwerty = "qwertyuiopasdfghjklzxcvbnm",
start = badSequenceLength - 1,
seq = "_" + passwdString.slice(0, start),
flg1=0;

for (i = start; i < passwdString.length; i++) {
seq = seq.slice(1) + passwdString.charAt(i);
if (
lower.indexOf(seq) > -1 ||
upper.indexOf(seq) > -1 ||
numbers.indexOf(seq) > -1 ||
(noQwertySequences && qwerty.indexOf(seq) > -1)
) {
flg1++;
break;
}
}

if (flg1 > 0) {
return true;
}
return false;
}

function isAlphabeticSequenceDesc (passwdString) {

var i="0",
lower_desc = "zyxwvutsrqponmlkjihgfedcba",
upper_desc = lower_desc.toUpperCase(),
numbers_desc = "9876543210",
badSequenceLength = 3,
noQwertySequences = true,
qwerty_desc = "mnbvcxzlkjhgfdsapoiuytrewq",
start = badSequenceLength - 1,
seq = "_" + passwdString.slice(0, start),
flg1=0;

for (i = start; i < passwdString.length; i++) {
seq = seq.slice(1) + passwdString.charAt(i);
if (
lower_desc.indexOf(seq) > -1 ||
upper_desc.indexOf(seq) > -1 ||
numbers_desc.indexOf(seq) > -1 ||
(noQwertySequences && qwerty_desc.indexOf(seq) > -1)
) {
flg1++;
break;
}
}

if (flg1 > 0) {
return true;
}
return false;
}

function isAlphabeticSequenceEvenChar (passwdString) {

var i="0",
evenChars="";

//Even
for(var i=0;i<passwdString.length;i+=2) {
evenChars += passwdString.charAt(i);
}

var lower_even = "abcdefghijklmnopqrstuvwxyz",
upper = lower_even.toUpperCase(),
numbers = "0123456789",
badSequenceAltLength = 3,
noQwertySequences = true,
qwerty = "qwertyuiopasdfghjklzxcvbnm",
start = badSequenceAltLength - 1,
seq = "_" + evenChars.slice(0, start),
flg1=0;

// enforce alphanumeric/qwerty sequence ban rules
for (i = start; i < evenChars.length; i++) {
seq = seq.slice(1) + evenChars.charAt(i);
if (
lower_even.indexOf(seq) > -1 ||
upper.indexOf(seq) > -1 ||
numbers.indexOf(seq) > -1 ||
(noQwertySequences && qwerty.indexOf(seq) > -1)
) {
flg1++;
break;
}
}

if (flg1 > 0) {
return true;
}

if (isAlphabeticSequenceRevChar(evenChars)) {
return true;
}

//Check for characters such as "bab4o1", "212epj"
if (isAlphabeticSequenceRevCharDesc(evenChars)) {
return true;
}

return false;
}

function isAlphabeticSequenceEvenCharDesc (passwdString) {

var i="0",
evenChars="";

//Even
for(var i=0;i<passwdString.length;i+=2) {
evenChars += passwdString.charAt(i);
}

var lower_even_desc = "zyxwvutsrqponmlkjihgfedcba",
upper_desc = lower_even_desc.toUpperCase(),
numbers_desc = "9876543210",
badSequenceAltLength = 3,
noQwertySequences = true,
qwerty_desc = "mnbvcxzlkjhgfdsapoiuytrewq",
start = badSequenceAltLength - 1,
seq = "_" + evenChars.slice(0, start),
flg1=0;

for (i = start; i < evenChars.length; i++) {
seq = seq.slice(1) + evenChars.charAt(i);
if (
lower_even_desc.indexOf(seq) > -1 ||
upper_desc.indexOf(seq) > -1 ||
numbers_desc.indexOf(seq) > -1 ||
(noQwertySequences && qwerty_desc.indexOf(seq) > -1)
) {
flg1++;
break;
}
}

if (flg1 > 0) {
return true;
}
if (isAlphabeticSequenceRevChar(evenChars)) {
return true;
}

//Check for characters such as "bab4o1", "212epj"
if (isAlphabeticSequenceRevCharDesc(evenChars)) {
return true;
}
return false;
}

function isAlphabeticSequenceOddChar(passwdString) {

var i="0",
oddChars="";

//Odd
for(var i=1;i<passwdString.length;i+=2) {
oddChars += passwdString.charAt(i);
}

var lower_odd = "abcdefghijklmnopqrstuvwxyz",
upper = lower_odd.toUpperCase(),
numbers = "0123456789",
badSequenceAltLength = 3,
noQwertySequences = true,
qwerty = "qwertyuiopasdfghjklzxcvbnm",
start = badSequenceAltLength - 1,
seq = "_" + oddChars.slice(0, start),
flg1=0;

for (i = start; i < oddChars.length; i++) {
seq = seq.slice(1) + oddChars.charAt(i);
if (
lower_odd.indexOf(seq) > -1 ||
upper.indexOf(seq) > -1 ||
numbers.indexOf(seq) > -1 ||
(noQwertySequences && qwerty.indexOf(seq) > -1)
) {
flg1++;
break;
}
}
if (flg1 > 0) {
return true;
}

if (isAlphabeticSequenceRevChar(oddChars)) {
return true;
}

//Check for characters such as "bab4o1", "212epj"
if (isAlphabeticSequenceRevCharDesc(oddChars)) {
return true;
}

return false;
}

function isAlphabeticSequenceOddCharDesc(passwdString) {

var i="0",
oddChars="";

//Odd
for(var i=1;i<passwdString.length;i+=2) {
oddChars += passwdString.charAt(i);
}

var lower_odd_desc = "zyxwvutsrqponmlkjihgfedcba",
upper_desc = lower_odd_desc.toUpperCase(),
numbers_desc = "9876543210",
badSequenceAltLength = 3,
noQwertySequences = true,
qwerty_desc = "mnbvcxzlkjhgfdsapoiuytrewq",
start = badSequenceAltLength - 1,
seq = "_" + oddChars.slice(0, start),
flg1=0;

for (i = start; i < oddChars.length; i++) {
seq = seq.slice(1) + oddChars.charAt(i);
if (
lower_odd_desc.indexOf(seq) > -1 ||
upper_desc.indexOf(seq) > -1 ||
numbers_desc.indexOf(seq) > -1 ||
(noQwertySequences && qwerty_desc.indexOf(seq) > -1)
) {
flg1++;
break;
}
}
if (flg1 > 0) {
return true;
}

if (isAlphabeticSequenceRevChar(oddChars)) {
return true;
}

//Check for characters such as "bab4o1", "212epj"
if (isAlphabeticSequenceRevCharDesc(oddChars)) {
return true;
}
return false;
}

function isAlphabeticSequenceRevChar(passwdString) {

var i="0",
lower = "abcdefghijklmnopqrstuvwxyz",
upper = lower.toUpperCase(),
numbers = "0123456789",
badSequenceRevLength = 2,
start = badSequenceRevLength - 1,
seq = "_" + passwdString.slice(0, start),
flg1=0;

for (i = start; i < passwdString.length; i++) {

seq = seq.slice(1) + passwdString.charAt(i);
lower_seq = seq.toLowerCase();
upper_seq = seq.toUpperCase();
lower_passwdString = passwdString.toLowerCase();
upper_passwdString = passwdString.toUpperCase();

if (
(lower.indexOf(lower_seq) > -1 && (lower_passwdString.charAt(i+1)==lower_seq.substring(0,1)) ) ||
(upper.indexOf(upper_seq) > -1 && (upper_passwdString.charAt(i+1)==upper_seq.substring(0,1))) ||
(numbers.indexOf(seq) > -1 && (upper_passwdString.charAt(i+1)==upper_seq.substring(0,1)) )
) {
flg1++;
break;
}
}
if (flg1 > 0) {
return true;
}
return false;
}

function isAlphabeticSequenceRevCharDesc(passwdString) {

var i="0",
lower_desc = "zyxwvutsrqponmlkjihgfedcba",
upper_desc = lower_desc.toUpperCase(),
numbers_desc = "9876543210",
badSequenceRevLength = 2,
start = badSequenceRevLength - 1,
seq = "_" + passwdString.slice(0, start),
flg1=0;

for (i = start; i < passwdString.length; i++) {

seq = seq.slice(1) + passwdString.charAt(i);
lower_seq = seq.toLowerCase();
upper_seq = seq.toUpperCase();
lower_passwdString = passwdString.toLowerCase();
upper_passwdString = passwdString.toUpperCase();

if (
(lower_desc.indexOf(lower_seq) > -1 && (lower_passwdString.charAt(i+1)==lower_seq.substring(0,1)) ) ||
(upper_desc.indexOf(upper_seq) > -1 && (upper_passwdString.charAt(i+1)==upper_seq.substring(0,1))) ||
(numbers_desc.indexOf(seq) > -1 && (upper_passwdString.charAt(i+1)==upper_seq.substring(0,1)) )
) {
flg1++;
break;
}
}
if (flg1 > 0) {
return true;
}
return false;
}

function testPasswd(passwdString)
{
var i="0";
var cch='0';
var nr=0;
var noSequential = true;

// enforce the no sequential, identical characters rule
if (noSequential && /([\S\s])\1/.test(passwdString)) {
document.getElementById("errorMessages").innerHTML = "Alphabetic/Numeric identical characters not allowed.";
return true;
}

// Check for normal sequence "abc", "123"
if (isAlphabeticSequence(passwdString)) {
document.getElementById("errorMessages").innerHTML = "Alphabetic/Numeric sequence not allowed.";
return true;
}

// Check for normal sequence "cba", "321"
if (isAlphabeticSequenceDesc(passwdString)) {
document.getElementById("errorMessages").innerHTML = "Alphabetic/Numeric sequence not allowed.";
return true;
}

/******** Check for alternate characters in a password string Starts here ********/
//Check for alternate characters at Even positions (start position 0 [zero]) e.g. "a3bqc", "1j2d3k"
if (isAlphabeticSequenceEvenChar(passwdString)) {
document.getElementById("errorMessages").innerHTML = "Alphabetic/Numeric sequence not allowed.";
return true;
}

//Check for alternate characters at Even positions in descending order (start position 0 [zero]) e.g. "cqb3a", "3k2d1j"
if (isAlphabeticSequenceEvenCharDesc(passwdString)) {
document.getElementById("errorMessages").innerHTML = "Alphabetic/Numeric sequence not allowed.";
return true;
}

//Check for alternate characters at Odd positions (start position 0 [zero]) e.g. "3aqb6c", "j1d2k3"
if (isAlphabeticSequenceOddChar(passwdString)) {
document.getElementById("errorMessages").innerHTML = "Alphabetic/Numeric sequence not allowed.";
return true;
}

//Check for alternate characters at Odd positions in descending order (start position 0 [zero]) e.g. "qc3bta", "k3d2j1"
if (isAlphabeticSequenceOddCharDesc(passwdString)) {
document.getElementById("errorMessages").innerHTML = "Alphabetic/Numeric sequence not allowed.";
return true;
}
/******** Check for alternate characters in a password string Ends here ********/

//Check for characters such as "aba4o1", "121epj"
if (isAlphabeticSequenceRevChar(passwdString)) {
document.getElementById("errorMessages").innerHTML = "Alphabetic/Numeric sequence not allowed.";
return true;
}

//Check for characters such as "bab4o1", "212epj"
if (isAlphabeticSequenceRevCharDesc(passwdString)) {
document.getElementById("errorMessages").innerHTML = "Alphabetic/Numeric sequence not allowed.";
return true;
}

if(passwdString.length < 8) {
document.getElementById("errorMessages").innerHTML = "A password should have at least 8 characters";
return true;
}

if(passwdString.length > 12) {
document.getElementById("errorMessages").innerHTML = "A password should have no more than 12 characters";
return true;
}

for(i=0;i<passwdString.length;i++) {
cch=passwdString.charAt(i);
if(cch >= 'a' && cch <= 'z')
nr++;
}

if(nr == passwdString.length) {
document.getElementById("errorMessages").innerHTML = "Password too simple. Please use a mix of upper and lower case letters and numerics.";
return true;
}

//It must contain at least one number character
if (!(passwdString.match(/\d/))) {
document.getElementById("errorMessages").innerHTML = "Password must include at least one number.";
return true;
}

//It must start with at least one letter
if (!(passwdString.match(/^[a-zA-Z]+/))) {
document.getElementById("errorMessages").innerHTML = "Passwords must start with at least one letter.";
return true;
}

//It must contain at least one upper case character
if (!(passwdString.match(/[A-Z]/))) {
//alert("Password must include at least one uppercase letter.");
document.getElementById("errorMessages").innerHTML = "Password must include at least one uppercase letter.";
return true;
}

//It must contain at least one lower case character
if (!(passwdString.match(/[a-z]/))) {
document.getElementById("errorMessages").innerHTML = "Password must include one or more lowercase letters.";
return true;
}

//It must contain at least one special character
if (!(passwdString.match(/\W+/))) {
//alert("Password must include at least one special character - #,@,%,!");
document.getElementById("errorMessages").innerHTML = "Password must include at least one special character - #,@,%,!";
return true;
}

// Password should contain at least 4 different character "A1#dql"
passwordString = passwdString.toUpperCase();

var arr={};
var arrAlphabets = new Array();
var temp=passwordString.split("");
for(key in temp) {
temp1=temp[key];

arr[temp1] = arr[temp1]? arr[temp1] + 1 : 1;

if (!Search_Array(arrAlphabets, temp1)) {
arrAlphabets.push(temp1);
}
}

if (arrAlphabets.length < 4 ) {
document.getElementById("errorMessages").innerHTML = "Please enter at least 4 different alphabetical characters.";
return true;
}

if ( (passwdString.match(/\d/) && passwdString.match(/\d/g).length >= 2) ){
return false;
}
else if ( (passwdString.match(/\W/) && passwdString.match(/\W/g).length >= 2) ){
return false;
}
else if ( (passwdString.match(/\d/) && passwdString.match(/\d/g).length == 1) && (passwdString.match(/\W/) && passwdString.match(/\W/g).length == 1) ){
return false;
}
else {
document.getElementById("errorMessages").innerHTML = "It must contain at least 2 non-alphabetic characters.";
return true;
}

return false;
}

function testall()
{
if(testPasswd(document.form1.txtpassword.value)) {
document.form1.txtpassword.focus();
return false;
}
document.getElementById("errorMessages").innerHTML = "";
return true;
}
</script>
</head>
<body>
<form name=form1>
<span id="errorMessages"></span><br>
<br>
<b>Enter Password:    </b><input type="text" name="txtpassword" onkeyup="return testall();">
</form>
</body>
</html>
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)