Skip to main content
Regexflux

Strong Password

intermediate

Validates passwords with at least 8 characters, one uppercase, one lowercase, one digit, and one special character.

passwordvalidationsecuritylookahead

Pattern

/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]{8,}$/

Try It

0 of 6 strings matched

Explanation

Uses four positive lookaheads anchored at the start to assert the presence of: a lowercase letter, an uppercase letter, a digit, and a special character. The main pattern then matches 8 or more allowed characters.

Test Strings

Matching

  • P@ssw0rd!
  • Str0ng!Pass

Non-matching

  • password
  • 12345678
  • NoSpecial1
  • short!a

Language Compatibility

LanguageSupport
JSFull support
PYTHONFull support
JAVAFull support
PHPFull support
GONot supported (RE2 engine)

Code Snippets

const regex = /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]{8,}$/;
const text = "your text here";
const matches = text.match(regex);
console.log(matches);

Common Variations

12+ characters

^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]{12,}$

Requires at least 12 characters

Related Patterns

Medium Strength Password

Validates passwords with at least 6 characters, one letter and one digit.

Password Length Validation

Validates password length between 8 and 128 characters with any characters allowed.