WayrApp Backend & Ecosystem Documentation - v1.0.0

    Variable PasswordSchema (Const)

    PasswordSchema: ZodString = ...

    Strong password validation schema with comprehensive security requirements

    Implements industry-standard password security requirements to ensure user accounts are protected against common password-based attacks. The schema enforces a minimum length of 8 characters and a maximum of 100 characters to balance security with usability, while requiring a complex character composition that includes uppercase letters, lowercase letters, numbers, and special characters.

    The password complexity requirements are designed to resist brute force attacks, dictionary attacks, and common password patterns. The regular expression validation ensures that passwords contain at least one character from each required category, significantly increasing the password entropy and making automated attacks more difficult.

    Security considerations include protection against password spraying attacks through complexity requirements, resistance to rainbow table attacks through character diversity requirements, and prevention of common weak passwords through pattern enforcement. The schema also prevents excessively long passwords that could cause denial-of-service attacks during password hashing operations.

    The validation provides clear, user-friendly error messages that guide users toward creating secure passwords without revealing specific security implementation details that could be exploited by attackers. This approach balances security with user experience to encourage adoption of strong password practices.

    // Valid strong passwords
    const validPasswords = [
      'MySecure123!',
      'Complex_P@ssw0rd',
      'Strong#Password2024',
      'Secure!User123'
    ];

    validPasswords.forEach(password => {
      const result = PasswordSchema.safeParse(password);
      console.log(result.success); // true
    });

    // Invalid passwords that will be rejected
    const invalidPasswords = [
      'password',              // Missing uppercase, numbers, special chars
      'Password',              // Missing numbers and special chars
      'password123',           // Missing uppercase and special chars
      'PASSWORD123!',          // Missing lowercase
      'Pass1!',                // Too short (less than 8 characters)
      'a'.repeat(101) + 'A1!'  // Too long (over 100 characters)
    ];

    // Usage in password update validation
    const updatePassword = (currentPassword: string, newPassword: string) => {
      const validation = PasswordSchema.safeParse(newPassword);
      if (!validation.success) {
        throw new Error(validation.error.errors[0].message);
      }
      // Proceed with password update
    };

    // Integration with password strength indicators
    const checkPasswordStrength = (password: string) => {
      const result = PasswordSchema.safeParse(password);
      return {
        isValid: result.success,
        errors: result.success ? [] : result.error.errors.map(e => e.message),
        strength: result.success ? 'strong' : 'weak'
      };
    };
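
The composition rules described above, as an added example that is not WayrApp's own code: a dependency-free TypeScript check that reports which documented rule a password fails. The definition of "special" and the `DENYLIST` entries are assumptions constructed here, and the denylist step goes beyond the documented schema, because a password such as 'Password1!' satisfies every composition rule.

```typescript
// Added example: mirrors the documented rules without Zod.
// It is not the project's PasswordSchema, whose definition the page elides.
type Rule = { id: string; ok: (pw: string) => boolean };

const MIN_LEN = 8;   // minimum length stated on the page
const MAX_LEN = 100; // maximum length stated on the page

const RULES: Rule[] = [
  { id: 'min-length', ok: pw => pw.length >= MIN_LEN },
  { id: 'max-length', ok: pw => pw.length <= MAX_LEN },
  { id: 'uppercase',  ok: pw => /[A-Z]/.test(pw) },
  { id: 'lowercase',  ok: pw => /[a-z]/.test(pw) },
  { id: 'digit',      ok: pw => /[0-9]/.test(pw) },
  // Assumption: "special" means any character outside A-Z, a-z, 0-9.
  { id: 'special',    ok: pw => /[^A-Za-z0-9]/.test(pw) },
];

// Constructed sample denylist (assumption). A deployment would load a
// breached-password list instead of three hard-coded entries.
const DENYLIST = new Set(['password1!', 'welcome123!', 'qwerty123!']);

// Returns the ids of every rule the password fails; an empty array means
// it passes the composition rules and is not on the denylist.
function failedRules(pw: string): string[] {
  const failed = RULES.filter(r => !r.ok(pw)).map(r => r.id);
  if (DENYLIST.has(pw.toLowerCase())) {
    failed.push('denylisted');
  }
  return failed;
}

// Samples taken from the page, plus one constructed denylist hit.
const samples = ['MySecure123!', 'password', 'PASSWORD123!', 'Pass1!', 'Password1!'];
for (const pw of samples) {
  console.log(pw, failedRules(pw));
}
```

Returning the failed rule ids rather than a single boolean lets a caller show every unmet requirement at once instead of only the first message.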