Hi Terry, > > Neither ‘Caesar Augustus Rocks’, or ‘Theresa May Sucks’ are accepted > > despite being ‘valid dictionary words’. > > OK. I can see that Proper nouns may not be acceptable
Oh, they're fine as line 2 ignores case. > but which lines reject the words Rocks, May or Sucks? Line 34. > Are there separate lines to cover Caesar, Augustus or Theresa? Line 35. > 2. Create a new password, avoiding the words that the regex is > currently rejecting. The regexp is a blacklist of what sequences of characters mustn't occur anywhere in the password. It doesn't make use of word boundaries, which could be considered another bug. > (Degree in Computer Science needed here.) No, just an understanding of regular languages; level 3, the lowest, in Chomsky's hierarchy of grammars. Natural languages, like English, are the highest, level 0, and you understand those. Most computer languages are level 2. Or an understanding of finite automata. https://en.wikipedia.org/wiki/Chomsky_hierarchy Strictly speaking, regexps have broken free of regular languages with some modern features, but the underlying understanding of them can stick to regular languages. I really should write a ‘man down the pub’s guide to regular expressions for the Internet. As Stephen suggested, I'm not sure if his email reached the list, use something like https://regex101.com, paste the original regexp, select flavour ‘Java 8’, and experiment with passwords. > 'Cyberattacks rely on human error and weak passwords. The length of > a password makes it stronger. Using a variety of characters is not > so important. Using a long password, also called a passphrase, is > more secure than passwords even if they use no special characters at > all. An example is “orangemonkeyjumps”.' > > Clearly they are not rejecting concatenated words that omit spaces, The regexp knows not of words, and doesn't blacklist spaces. > and they do not reject the use of numbers or chars like '!'. Correct. > So most people would give up and use something simple like > 'mypassword'. That should work except this regexp is probably augmented by other checks like a minimum length. ‘correct horse battery staple’. https://xkcd.com/936/ -- Cheers, Ralph. -- Next meeting: Online, Jitsi, Tuesday, 2024-11-12 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... https://dorset.lug.org.uk New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
