Others have provided far more detail as to why these regex patterns enforce potentially harmful requirements.
All I can add is the ever relevant xkcd on password strength and point out that your regex patterns would disallow the suggested correcthorsebatterystaple but allow the less memorable, more brute forceable Tr0ub4dor&3.
From previous comments it also sounds as though there was previously a max length set, and that kind of thing reduces the entropy of both the suggested password above and the types of passwords created by a password manager.
Thanks for your reply Andew 😎 . The sketch is very funny and absolutely true. A user can easy pass the requirements and finally give a P@ssw0rd that are easy to hack.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Others have provided far more detail as to why these regex patterns enforce potentially harmful requirements.
All I can add is the ever relevant xkcd on password strength and point out that your regex patterns would disallow the suggested
correcthorsebatterystaple
but allow the less memorable, more brute forceableTr0ub4dor&3
.From previous comments it also sounds as though there was previously a max length set, and that kind of thing reduces the entropy of both the suggested password above and the types of passwords created by a password manager.
Thanks for your reply Andew 😎 . The sketch is very funny and absolutely true. A user can easy pass the requirements and finally give a P@ssw0rd that are easy to hack.