Click or drag to resize
weroSoft AG, Software
PasswordControllerCheckPasswordRules Method
The documentation is integral part of the weroSoft product documentation. This part is intended to be used by developers only.
Checks the password to the defined strength.

Namespace:  WeroSoft.Security
Assembly:  WeroSoft.Core.Library (in WeroSoft.Core.Library.dll) Version: 3.0 Pre-Release
public static bool CheckPasswordRules(
	char[] password,
	PasswordStrength requestedStrength


Type: SystemChar
Password which shall be checked.
Type: WeroSoft.SecurityPasswordStrength
The requested strength of the password.

Return Value

Type: Boolean
True if the password matches all rules.

This method does not throw an exception. In case of an internal exception, the method returns false.

The following rules are checked in the order they are listed:

  • All passwords must be smaller than 512 characters.
  • If password strength is None all other passwords are allowed (including empty passwords).
  • The password length may not exceed following values:
  • All contained signs must be one of the following types: upper or lower case letter, digit, symbol or punctuation character.
    • 4 for password strength simple
    • 8 for password strength medium
    • 12 for password strength strong
    • 16 for password strength extreme
  • The password must contain at least one capital and one lower character.
  • A password with extreme strength must contain at least three capitals.
  • Some password strengths must contain digits:
    • Strength medium at least 1
    • Strength strong at least 1
    • Strength extreme at least 3
  • No sign in the password may be repeated directly more that 3 times (e.g.: 'eeee' fails but 'Massstab' os correct).
  • Some password strengths must contain special characters:
    • Strength medium at least 0
    • Strength strong at least 1
    • Strength extreme at least 3

See Also