5

Can someone give me the regex to match a valid AWS Cognito password - with numbers, special characters (their list), lower and upper case letters

The AWS Cognito default length limit is 6 characters and has its own list of special characters

Note that the AWS Cognito password regex is specific to AWS Cognito - not just a general password regex.

Jonathan Irwin

1 Answer

37

Updated Answer - Dec 2021


```
/^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[\^$*.\[\]{}\(\)?\-\"!@#%&\/,><\':;|_~`])\S{8,99}$/
```

Explanation:

  • / Indicates the start of a regular expression
  • ^ Beginning. Matches the beginning of the string.
  • (?=.*[a-z]) Requires lowercase letters
  • (?=.*[A-Z]) Requires uppercase letters
  • (?=.*[0-9]) Requires numbers
  • (?=.*[\^$*.\[\]{}\(\)?\-\"!@#%&\/,><\':;|_~`]) Requires special characters (only the special characters listed by AWS Cognito).
  • \S Whitespace (space, tab, carriage return) not allowed
  • {8,99} Minimum 8 characters, maximum 99 characters
  • $ End. Matches the end of the string.
  • / Close.


Jonathan Irwin
  • 3
    The above regex failed for me as it was missing some special characters. I've updated it here to work with the default cognito password config: `/^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[=+\-^$*.\[\]{}()?"!@#%&/\\,> – tsiege Oct 17 '20 at 18:44
  • 2
    According to https://regex101.com/ the regex is invalid because a forward slash is not escaped. PLUS we had real problems using this regex in the deployed react version on an S3 bucket (locally it worked). Also I question that 6 chars is the default I think it's 8. – CodingYourLife Dec 10 '20 at 15:50
  • @CodingYourLife sorry this gave you trouble - what was the issue? I see on regex101.com it complains when used in PHP - if you used it in React it should have been valid. Both PHP and JS seem happy with the forward slash escaped so I will update the answer. I also see 8 is now the default - again I will update. – Jonathan Irwin Dec 10 '20 at 18:57
  • +1 for @CodingYourLife 's comment about not working on S3. We faced the same issue...works perfectly in local environment but not when deployed to S3. Seems like odd behavior. Does anyone have a fix for this? – hugo Nov 11 '21 at 12:34
  • I had a similar problem with this regex where it worked locally but not in production (React SPA on AWS). I carefully retyped the regex letter by letter and it was fixed, so I think the problem was coming from exotic quotations when I had originally copy/pasted. Try this: ```/^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[\^$*.\[\]{}\(\)?\-"!@#%&\/,> – indigoi Dec 03 '21 at 08:10
  • 1
    @hugo here it is deployed to S3 where it seems to work fine. http://awspasswordregex.s3-website-eu-west-1.amazonaws.com/ code is simple so view source if you want to see how it works. I will update the answer to use the regular quotations - thanks indigoi – Jonathan Irwin Dec 04 '21 at 10:49
  • 2
    Cognito defaults include =, - and +. Unfortunately they're not listed in the official documentation, but by default they are admitted by Cognito. These are taken straight from the Cognito AWS Console: `(^ $ * . [ ] { } ( ) ? - " ! @ # % & / \ , > < ' : ; | _ ~ `` + =)` – santamanno Dec 15 '21 at 15:53
  • Would be useful to add references to this answer to understand where it's come from/what specifications it's based on. – Dan Dec 21 '21 at 20:30
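
An added example in JavaScript, not code from the answer or the comments above: it builds the special-character class from the list quoted in santamanno's comment instead of a hand-escaped literal, reports which requirement a password misses, and flags typographic quotes in a regex source (the copy/paste damage indigoi describes). The function and constant names are this example's own, and the 8 to 99 length defaults are taken from the answer as an assumption; match them to your user pool's policy.

```javascript
// Added example, not code from the answer. All names here are illustrative.
// Special characters as listed in santamanno's comment (includes \ + =).
const COGNITO_SPECIALS = '^$*.[]{}()?-"!@#%&/\\,><\':;|_~`+=';

// The answer's regex, typed with plain ASCII quotes, for comparison.
const ANSWER_RE = /^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[\^$*.\[\]{}\(\)?\-\"!@#%&\/,><\':;|_~`])\S{8,99}$/;

// Escape the characters that are special inside a regex character class.
function escapeForClass(chars) {
  return chars.replace(/[\\\]\[^-]/g, '\\$&');
}

const SPECIAL_RE = new RegExp('[' + escapeForClass(COGNITO_SPECIALS) + ']');

// Returns the unmet requirements; an empty array means the password passes.
// min/max default to the 8..99 range used in the answer (assumption).
function checkCognitoPassword(pw, { min = 8, max = 99 } = {}) {
  const problems = [];
  if (pw.length < min) problems.push('too_short');
  if (pw.length > max) problems.push('too_long');
  if (/\s/.test(pw)) problems.push('whitespace');
  if (!/[a-z]/.test(pw)) problems.push('lowercase');
  if (!/[A-Z]/.test(pw)) problems.push('uppercase');
  if (!/[0-9]/.test(pw)) problems.push('digit');
  if (!SPECIAL_RE.test(pw)) problems.push('special');
  return problems;
}

// Lists typographic quotes found in a regex's source. A curly quote that
// replaced ' or " during copy/paste still compiles, so nothing else warns.
function findSmartQuotes(re) {
  return [...re.source].filter((c) => '\u2018\u2019\u201C\u201D'.includes(c));
}

// Constructed sample: a class pasted with a typographic apostrophe (U+2019).
const PASTED_RE = new RegExp('[!@#\u2019:;]');

console.log(checkCognitoPassword('Abcdefg1='), ANSWER_RE.test('Abcdefg1='));
console.log(findSmartQuotes(PASTED_RE), PASTED_RE.test("'"));
```

A client-side check like this only improves form feedback; the policy configured on the user pool is what Cognito enforces.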