I have regex for validating user passwords to contain:
- atleast 8 alpha numberic characters
- 1 uppercase letter
- 1 lowercase letter
- 1 digit
Allowed special charaters !@#$%*.~
I am using the following regex:
(?=(.*\w){8,})(?=(.*[A-Z]){1,})(?=(.*[a-z]){1,})(?=(.*[0-9]){1,})(?=(.*[!@#$%*.~]))
This however does not prevent the user from entering other special characters such as <,> , &.
How do I can restrict the allowed number of special characters?
-isn't allowed. Why shouldn't I be allowed to use'"-()[]&<>^_+=etc in my password?