I have a piece of code that I've been told to change from the upper management, it's a password secure algorithm that only allows password which contains certain characters and numbers in javascript. Right now it allows only passwords which
- Contains at least one lowercase.
- Contains at least one uppercase.
- Contains at least one number.
- Contains at least 6 characters.
The code itself, is displayed here:
var re = /(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{6,}/;
What I have been told to change it to, is this:
- Contains at least one letter. (lowercase or uppercase, it should NOT be case sensitive)
- Contains at least one number.
- Contains at least 6 characters.
This system is very small, and even though I was against it at first, I see that it is a bit overkill to have these restrictions for our system, even though it makes it a lot safer. The reason we are changing this is because of all the workers forgetting their passwords all the time because of these restrictions.
I have tried to remove some of the code from the variable re but since I am not 100% sure what exactly I am removing, I wanted to ask help here. What should I change in order to get the system to accept a password with the restrictions I want it to?
Removing (?=.*[A-Z]) didn't do it, since it is still case sensitive.
Thanks in advance.
(I know some of you probably wouldn't recommend doing these things in javascript since it's client side, but none of our users will have any interest (nor idea) of how to get around these restrictions).
