5 Regex for password validation, with tests
2 min readJan 21, 2023
In this article, we will cover 5 regex patterns for password validation in JavaScript, including minimum length and character requirements.
Sample test cases using console.assert()
are provided.
Minimum eight characters, at least one letter, and one number:
const r1 = new RegExp(‘^(?=.*[A-Za-z])(?=.*\\d)[A-Za-z\\d]{8,}$’);
console.assert(r1.test('password1') === true, 'correct');
console.assert(r1.test('passwor') === false, 'too short');
console.assert(r1.test('passwordpassword') === false, "doesn't contain a number");
Minimum eight characters, at least one letter, one number, and one special character:
const r2 = new RegExp('^(?=.*[A-Za-z])(?=.*\\d)(?=.*[@$!%*#?&])[A-Za-z\\d@$!%*#?&]{8,}$');
console.assert(r2.test('Password1@') === true, 'correct');
console.assert(r2.test('password1') === false, 'no special character');
console.assert(r2.test('Passwor@') === false, 'no number');
Minimum eight characters, at least one uppercase letter, one lowercase letter and one number:
const r3 = new RegExp('^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)[a-zA-Z\\d]{8,}$');
console.assert(r3.test('Password1') === true, 'correct');
console.assert(r3.test('password') === false, 'no uppercase letter');
console.assert(r3.test('PASSWORD') === false, 'no lowercase letter');
Minimum eight characters, at least one uppercase letter, one lowercase letter, one number, and one special character:
const r4 = new RegExp('^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*[@$!%*?&])[A-Za-z\\d@$!%*?&]{8,}$');
console.assert(r4.test('Password1@') === true, 'correct');
console.assert(r4.test('password1') === false, 'no uppercase letter');
console.assert(r4.test('Password1') === false, 'no special character');
console.assert(r4.test('PASSWORD@') === false, 'no lowercase letter');
Minimum eight and maximum 10 characters, at least one uppercase letter, one lowercase letter, one number, and one special character:
const r5 = new RegExp('^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*[@$!%*?&])[A-Za-z\\d@$!%*?&]{8,10}$');
console.assert(r5.test('Password1@') === true);
console.assert(r5.test('password1@password1@') === false, 'too long');
console.assert(r5.test('PASSWORD@') === false, 'no lowercase letter');
console.assert(r5.test('password1') === false, 'no uppercase letter');
console.assert(r5.test('Password1') === false, 'no special character');