Skip to content

Check password strength in Java example

Check password strength in Java example shows how to check password strength in Java. The example also shows how to check password strength using a regular expression.

Previously we covered how to validate username using regular expression and how to validate passwords using regular expression in Java. This example will show you how to check password strength using Java regular expression.

How to check password strength in Java?

Many websites show the strength of the password entered by the user to help them choose the stronger password during the registration process. Have you ever wondered how to do it? Well, this example will show you how.

Strength of the password can be calculated using various parameters like,

1) The total length of the password
2) The number of upper case and lower case letters
3) The number of digits in the password
4) The number of special characters in the password.

If the password has all these combinations, then it is generally considered to be a strong password. If the password contains many of them, then it might be of medium strength. If it contains very few combinations then it is considered to be a weak password.

We are going to calculate the password strength score between 0 and 10 depending upon the below criteria using the Java regular expression (RegEx).

Score Criteria:

1) If password length is less than 8, the password is very weak and the score will be zero. If password length is between 8 and 10, a score of 1 will be given. If password length is more than 10, a score of 2 will be given.
2) If the password contains at least 1 digit, a score of 2 will be given.
3) If the password contains at least 1 lower case letter, a score of 2 will be given.
4) If the password contains at least 1 upper case letter, a score of 2 will be given.
5) If the password contains at least 1 special character out of “~!@#$%^&*()_-“ characters, a score of 2 will be given.

Here is the example program to calculate password score based on above given criteria.

Output

We used positive look ahead regular expressions to validate the password strength criteria. For example, expression “(?=.*[0-9]).*” checks whether the String contains any digits where,

The same has been done for checking the lower case letter, upper case letter and special character requirements.

Here is the slightly modified calculatePasswordStrength method which also checks for the number of times a digit, upper case letter, and special character gets repeated in the password string.

Output

We modified our method to check for the number of occurrences too using a regular expression. For example, “(?=.*[0-9].*[0-9]).*” expression checks if the string contains at least 2 digits where,

You can add or remove any criteria to match your exact requirements.

This example is a part of the String in Java tutorial and Java RegEx tutorial.

Please let me know your views in the comments section below.

About the author

4 comments

Leave a Reply

Your email address will not be published.