Show me a code sample for: Javascript - ASP.NET (C# and VB.NET) - Classic ASP - PHP - Python

Check password strength: Classic ASP (VBScript)

Implementation

This code will validate a password on the server side using Classic ASP (VBScript). For ASP.NET validation, check here. If you want to validate the password on the client side, check our Javascript implementation.

ASP (VBScript)

<%
Function CheckStrength(password)

	Dim strength(4)
	strength(0) = "Blank"
	strength(1) = "Very Weak"
	strength(2) = "Weak"
	strength(3) = "Medium"
	strength(4) = "Strong"
	strength(5) = "Very Strong"

	Dim score
	score = 1

	If Len(password) < 1 Then
		CheckStrength = strength(0)
	End If

	If Len(password) < 4 Then
		CheckStrength = strength(1)
	End If

	If Len(password) >= 8 Then
		score = score + 1
	End If
	If Len(password) >= 10 Then
		score = score + 1
	End If

	Dim regex
	Set regex = New RegExp

	regex.Pattern = "/\d+/"
	If regex.Test(password) Then
		score = score + 1
	End If

	regex.Pattern = "/[a-z]/"
	If regex.Test(password) Then
		regex.Pattern = "/[A-Z]/"
		If regex.Test(password) Then
			score = score + 1
		End If
	End If

	regex.Pattern = "/.[!,@,#,$,%,^,&,*,?,_,~,-,£,(,)]/"
	If regex.Test(password) Then
		score = score + 1
	End If

	CheckStrength = strength(score)

End Function
%>

Usage

Call the function CheckPassword(), passing the password value. It will return the validation score ranging from "Very Weak" to "Very Strong". You can adapt this code to return the integer value instead (1 to 5, and 0 if blank).

How does it work?

Our scripts will test passwords and return a score which represents its strength.
The score goes from 1 (Very Weak) to 5 (Very Strong), and 0 if the value is blank. It will increase by 1 point if:

Length is at least 8.
Length is at least 10.
Has letters uppercased and lowercased.
Has numbers.
Has symbols.

Note that if the password length is less than 4, the score will be limited to "Very Weak".