ActiveDirectoryMembershipProvider.PasswordStrengthRegularExpression Property


Gets the regular expression used to evaluate a password.

Namespace:   System.Web.Security
Assembly:  System.Web (in System.Web.dll)

public override string PasswordStrengthRegularExpression { get; }

Property Value

Type: System.String

A regular expression used to evaluate a password.

Exception Condition

The PasswordStrengthRegularExpression property is accessed before the ActiveDirectoryMembershipProvider instance is initialized.

The PasswordStrengthRegularExpression property gets the regular expression used to evaluate password complexity.

The PasswordStrengthRegularExpression property is not used to validate auto-generated passwords in the ResetPassword method.

The PasswordStrengthRegularExpression property is set in the application configuration using the passwordStrengthRegularExpression attribute of the membership Element (ASP.NET Settings Schema) configuration element.

The following example shows the membership Element (ASP.NET Settings Schema) configuration element in the system.web section of the application's Web.config file. It specifies that the application use an instance of the ActiveDirectoryMembershipProvider class to provide membership services and sets the passwordStrengthRegularExpression attribute to a regular expression that validates that the password meets the following criteria:

  • Is greater than seven characters.

  • Contains at least one digit.

  • Contains at least one special (non-alphanumeric) character.

If the password does not meet these criteria, the password is not accepted by the membership provider.

    <add name="ADService" connectionString="LDAP://ldapServer/" />
    <membership defaultProvider="AspNetActiveDirectoryMembershipProvider">
        <add name="AspNetActiveDirectoryMembershipProvider" 
          System.Web, Version=2.0.3600, Culture=neutral, 
            "@\"(?=.{6,})(?=(.*\d){1,})(?=(.*\W){1,})" />

.NET Framework
Available since 2.0
Return to top