Check Password Strength (policy) in Registration Form in a ASP.Net Application.

Introduction

In this post, I explain how to check password strength (policy) in the registration form in an ASP.Net Application.



Prerequisite

I used followings:
  • .Net framework 4.0

Steps :

Just follow the steps and get result easily.

Step - 1 : Create New Project

Go to File > New > Project > Select asp.net web forms application > Entry Application Name > Click OK.

Step-2: Add a Web Form (page).

Go to Solution Explorer > Right Click on Project under solution explorer > Add > New item > Select Web Form Using master page> Enter Name > Add.

Step-3: Design your Registration form

place this Html Code inside a form tag


<div>
        <h3>Registration Form</h3>
        <div>
            <table cellpadding="0" cellspacing="10" border="0">
                <tr>
                    <td>Full Name</td>
                    <td><asp:TextBox ID="txtFullName" runat="server" /></td>
                    <td></td>
                </tr>
                <tr>
                    <td>Username</td>
                    <td><asp:TextBox ID="txtUsername" runat="server" /></td>
                    <td></td>
                </tr>
                <tr>
                    <td>Password</td>
                    <td><asp:TextBox ID="txtPassword" runat="server" TextMode="Password" onKeyUp="checkPassStrength()" /></td>
                    <td><asp:Label ID="lblPasswordStrength" runat="server" /> </td>
                </tr>
                <tr>
                    <td></td>
                    <td><asp:Button ID="btnSave" runat="server" Text="Submit" OnClick="btnSave_Click" /></td>
                    <td></td>
                </tr>
            </table>

        </div>

    </div>



Step-4: Write Server side code for check password strength.

Here is the complete code :
Inside submit Button Event


protected void btnSave_Click(object sender, EventArgs e)
        {
            int marks = GetPasswordStrength(txtPassword.Text);
            string status = "";
            switch (marks)
            {
                case 1:
                    status = "Very Week";
                    break;
                case 2:
                    status = "Week";
                    break;
                case 3:
                    status = "Medium";
                    break;
                case 4:
                    status = "Strong";
                    break;
                case 5:
                    status = "Very Strong";
                    break;
                default:
                    break;
            }

            lblPasswordStrength.Text = "Status : " + status;
            if (marks < 4)
               {               
                lblPasswordStrength.ForeColor = Color.Red;
                return;
               }

            // Do your registration Here


            // This for test
            lblPasswordStrength.ForeColor = Color.Green;

        }

Function


private int GetPasswordStrength(string password)
        {
            int Marks = 0;
            // here we will check password strength
            if (password.Length < 6)
            {
                // Very Week
                return 1;
            }
            else
            {
                Marks = 1;
            }
            if (Regex.IsMatch(password,"[a-z]"))
            {
                // 2    week
                Marks++;
            }
            if (Regex.IsMatch(password, "[A-Z]"))
            {
                // 3    medium
                Marks++;
            }
            if (Regex.IsMatch(password, "[0-9]"))
            {
                //4     strong
                Marks++;
            }
            if (Regex.IsMatch(password, "[<,>,@,!,#,$,%,^,&,*,(,),_,+,\\[,\\],{,},?,:,;,|,',\\,.,/,~,`,-,=]"))
            {
                //5     very strong
                Marks++;
            }
            return Marks;

        }

Here run the application and Check result.
Here I have checked using server side code. It will much more useful if we check password strength from client side also. just follow the steps:-

Step-5: Add Client side code to check password strength.

Here we need to add the jquery library.
for this add this function to head section.

<script src="Script/jquery-1.7.1.js"></script>
    <script language="javascript" type="text/javascript">
        function checkPassStrength() {
            var value = $('#<%=txtPassword.ClientID %>').val();
            var score = 0;
            var status = "";
            var specialChars = "<>@!#$%^&*()_+[]{}?:;|'\"\\,./~`-="
            if (value.toString().length >= 8) {

                if (/[a-z]/.test(value)) {
                    score += 1;
                }
                if (/[A-Z]/.test(value)) {
                    score += 1;
                }
                if (/\d/.test(value)) {
                    score += 1;
                }
                for (i = 0; i < specialChars.length; i++) {
                    if (value.indexOf(specialChars[i]) > -1) {
                        score += 1;
                    }
                }
            }
            else {
                score = 1;
            }

            if (score == 2) {
                status = status = "<span style='color:#CCCC00'>Medium</span>";
            }
            else if (score == 3) {
                status = "<span style='color:#0DFF5B'>Strong</span>";
            }
            else if (score >= 4) {
                status = "<span style='color:#009933'>Very Strong</span>";
            }
            else {

                status = "<span style='color:red'>Week</span>";
            }
            if (value.toString().length > 0) {
                $('#<%=lblPasswordStrength.ClientID %>').html("Status :<span> " + status + "</span>");
                }
                else {
                    $('#<%=lblPasswordStrength.ClientID %>').html("");
                }
            }

    </script>


and call this javascript function on key up of password textbox. Here is the code.

<asp:TextBox ID="txtPassword" runat="server" TextMode="Password" onKeyUp="checkPassStrength()" />

Step-6: Run Application.

Now type your password in the password field and get the result.
Thank You

Download Source Code

Hello ! My name is Sourav Mondal. I am a software developer working in Microsoft .NET technologies since 2010.

I like to share my working experience, research and knowledge through my site.

I love developing applications in Microsoft Technologies including Asp.Net webforms, mvc, winforms, c#.net, sql server, entity framework, Ajax, Jquery, web api, web service and more.