Password class help

[buzzdsm]

I'm working on this project and am stuck at the bottom. Here is what I need.

The password needs to be at least 6 characters long

The password should contain at least one uppercase

The password should contain at least one lowercase

The password should contain at least one digit

Here is what I have so far.

Code:

import java.util.Scanner:




public class PasswordVerifier
{
	public static void main(String[] args)
	{
		String password;
		
	
	Scanner keyboard = new Scanner(System.ini);
	
	System.out.println("Enter a password: ");
	
	
	password = keyboard.nextLine();
	
	
	if (isValid(password))
	{
		System.out.println("Valid password.");
	}
	else
	{
		System.out.println("Invalid password.");
	}
	
}


private static boolean isValid(String psWord)
{
	boolean goodSoFar = true; 		
	int index = 0;						
	
	
	if (psWord.length() > 6)
		goodSoFar = false;

[serjant]

For checking one upper case here is the method:

Code:

	  private boolean containsUpperCase(String word) {
	      int ndx;
	      char ch;
	      boolean t=false;
	      char[] letter=word.toCharArray();
	      for(ndx = 0; ndx < word.length(); ndx++) {
	         ch = letter[ndx];
	         if (ch <='Z'&&ch>='A') {
	             t=true;
	         }
	      }
	      return t;
	  }

For lower case:

Code:

	  private boolean containsLowerCase(String word) {
	      int ndx;
	      char ch;
	      boolean t=false;
	      char[] letter=word.toCharArray();
	      for(ndx = 0; ndx < word.length(); ndx++) {
	         ch = letter[ndx];
	         if (ch <='a'+32&&ch>='z'-32) {//the same as ch>='a' && ch<='z'
	        	
	             t=true;
	         }
	      }
	      return t;
	  }

And for at least one appearance of digit in the String:

Code:

 private boolean isDigit(String word) {
	      int ndx;
	      char ch;
	      boolean t=false;
	      char[] letter=word.toCharArray();
	      
	      
	      for(ndx = 0; ndx < word.length(); ndx++) {
	         ch = letter[ndx];
	         if (ch <='9'&&ch>='0') {
	        	
	             t=true;
	         }
	      }
	      return t;
	  }

So as you see buddy,the main work for checking letters in the String is with the ASCII table values.So in order to complete your isValide() method we di the following:

Code:

private static boolean isValid(String psWord)
{
	boolean goodSoFar = true; 		
	int index = 0;						
	
	
	if (psWord.length() < 6)//at least 6 characters
		goodSoFar = false;
                return goodSoFar;
        if(containsUpperCase(psWord)==false)
                goodSoFar=false;
                return goodSoFar;
         if(containsLowerCase(psWord)==false)
                goodSoFar=false;
                return goodSoFar;
         if(isDigit(psWord)==false)
                goodSoFar=false;
                return goodSoFar;
         return goodSoFar;
}

[fishtoprecords]

You realize, of course, that these rules hurt security. Users tend to use the shortest passwords that fit into the silly rules, so they use Passw0rd

You need, at least, to do a dictionary test, and properly with a variant spelling check. Using 3LET spelling doesn't really add any security.

You are better off encouraging folks to use pass phrases.

Passphrases strong enough to have any security are hard to remember, so have the user enter them often, and don't make them change them on some silly 30 day cycle.

[Nicholas Jordan]

I have a common password rejection class already written. Passphrases are easier for people to remember. Often, I will get a totally random string. People laugh at me for that, but I sleep well at night.