How do you set a rule saying that the first character of a password has to be upper case? I am trying to do something like this…
if (!ucfirst($password) && substr($password, 0, 1)) {
header("Location: ../signup.php?signup=invalidfirstchar");
exit();
but it is still inserting lowercase password
You don’t. anything that limits the password in any way decreases its entropy, i.e. makes it weaker.
And you shouldn’t save plain passwords anyway.
I am trying to do some conditional statement such as
If (preg_match(/^$[A-Z] $/, $password) && substr ($password, 0, 1) {
}
I am using password_hash by the way …
Nope. Don’t use regex for passwords. I wouldn’t do anything with them. Only thing I’d do is use password_hash and prepared statements and be done with it. If you modify or restrict the user, it’s going to make the password weaker therefore allowing an easier way to attack weak passwords.
Thanks for the advice…
As @spaceshiptrooper said, dont mess with the users password. You can enforce a minimum length though, as it doesn’t alter the input.
This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.