Buy Now
Sign in

Password strength, registration form, need advice.

SplodeForms , February 11 at 16:37
Answered
S
SplodeForms
Hello,
I'm new to Chronoforms. I'm making registration and login forms for a Joomla powered site with Chronoforms v6.
I've seen some solutions to requiring strong passwords in the forum but they are too complex and need plugins installed. I don't need a visual indicator like a animated strength bar. Just to validate that a password meets requirements and show the typical error on the from if not. I want a simple solution that I can do within Chronoforms v6.
I see in the Password field there is a regular expression. That looks promising. Can I put a regex in there to check that a password contains enough lower, upper, numerals, and symbols and show an error if it does not?
I'm currently using the free version. Does the paid version have any extra tools for passwords or registration or login forms?
I see a Validation Rules box in the password field (in designer) but found little documentation about it. Can I use that to check passwords?
I know it can't do everything with one click but strong passwords are essential. So, I recommend that some features be added to the validation tab of password fields for strength or a pw validator in the setup section.​
admin
Hi SplodeForms,
You can use the regex validation, or you can use a Switch event action, do your test with PHP then reload the form, but the regex will work before and after the form is submitted and it should be the easier option.
Best regards
Max
If your main question got answered then please mark the answer using the button!​
​Please let us know if you have any problems with the new forums text editor, we appreciate your feedback!
S
SplodeForms
Thanks!
Regex then. It has been a long time since I did any of that. I will try to use several lookaheads like this ^(?=(?:[^A-Z]*[A-Z]){3}) (must contain 3 uppercase letters) to see that the password meets my specs.​
So I put (^(?=(?:[^A-Z]*[A-Z]){3})) in the regular expression box at Designer -> password field -> validation tab. Note the whole thing is in parentheses now. That worked. Anything passed as long as it had at least 3 upper case letters.​
admin
Hi SplodeForms,
That should work, you should also try to access the form using the submit url directly to check if the PHP test works as expected or not, it should apply the same regex test.
You can access the form using the url of the form page + &event=submit
Best regards
Max
If your main question got answered then please mark the answer using the button!​
​Please let us know if you have any problems with the new forums text editor, we appreciate your feedback!
S
SplodeForms
I'm baffled. The following works in the form when it is enclosed in the outer parentheses. 9-25 characters from the specified set, at least 2 each upper, lower, numerals, and the allowed symbols.
(^(?=[A-Za-z0-9\~\!\@\#\^\%\*\_\-\+\.]{9,25}$)(?=(?:[^A-Z]*[A-Z]){2})(?=(?:[^a-z]*[a-z]){2})(?=(?:[^0-9]*[0-9]){2})(?=(?:.*[\~\!\@\#\^\%\*\_\-\+\.]){2}))
I want to disallow any character repeated more than twice in a row (YY is ok, YYY is not). This ^(?!.*(.)\1\1) works at regextester.com which reports "match" unless there is a triple character. Also works by itself on the form without outer parentheses. Meaning not like this (^(?!.*(.)\1\1)). Every attempt to add this to the main regex above fails. Anything I type in the password field is wrong. I've tried every variation I can think of.
Anyone have advice?
S
SplodeForms
I can't edit the previous post. A popup just shows a busy spinner forever.
After much experimentation I found that this works. Note that it does not have any outer parentheses which were needed before. It works just like this:​
​^(?=[A-Za-z0-9\~\!\@\#\^\%\*\_\-\+\.]{9,25}$)(?=(?:[^A-Z]*[A-Z]){2})(?=(?:[^a-z]*[a-z]){2})(?=(?:[^0-9]*[0-9]){2})(?=(?:.*[\~\!\@\#\^\%\*\_\-\+\.]){2})(?!.*(.)\1\1)​
​​
​Now to test with direct URL as Max advised.