PasswordCheck - A small C# class to calculate password strength and implement custom password policies in ASP.NET

Classe ASP.NET C# per il controllo e il calcolo formale del Codice Fiscale

If you're looking for a decent password strength control implementation for ASP.NET C# you could find this class I made a while ago useful enough. After all these years I'm still using it in a number of projects, from the good-old ASP.NET ASPX Forms to the new ASP.NET Core MVC applications.

The class can be used to perform basically all the required checks in a very customizable way: minimum length, maximum length, digit/numbers, special characters and so on. It features a PasswordStrength enum (and a GetPasswordStrength method) which you can use to calculate the average strength of any given password: it can be handy for general-purpose scenarios, when you don't have to implement a given password policy. In case you have to do that, you can use the helper methods instead and combine them to suit your needs as shown in the sample implementation provided within the IsStrongPassword method - which is the one I'm still using in most cases.

The methods are quite self-explanatory, so there isn't much more to say: if you like the class, feel free to leave a feedback in the comment section below!

It's worth noting that one of the methods (the one using PasswordOptions as a parameter) requires a reference to the using Microsoft.AspNetCore.Identity namespace: it will come very handy when using the ASP.NET Core Identity Framework to check the password validity at the server-side in some specific scenarios, such as new users registrations. If we don't want - or need - to add the Identity Framework to your project, we can just comment out that method and use the generic overload below.


About Ryan

IT Project Manager, Web Interface Architect and Lead Developer for many high-traffic web sites & services hosted in Italy and Europe. Since 2010 it's also a lead designer for many App and games for Android, iOS and Windows Phone mobile devices for a number of italian companies. Microsoft MVP for Development Technologies since 2018.

View all posts by Ryan

6 Comments on “PasswordCheck - A small C# class to calculate password strength and implement custom password policies in ASP.NET”

  1. Pingback: C# Random Password Generator for ASP.NET Core & ASP.NET MVC Identity Framework
  2. Thanks, its handy class.
    I think that you got a small bug there as the “GetPasswordStrength” method will never return 5 (for very strong password). in order to fix it, i changed the return statement from:
    return (PasswordStrength)score;
    return (PasswordStrength)score+1;

    1. This code helped us to build password checker. A small bug as Ben Yitzhaki mentions is present

      public static PasswordStrength GetPasswordStrength(string password)
      int score = 1;

      The score should be initialized with 1.

  3. Thank you for making such a nice class,
    Can you please tell me how to integrate it into my project.

Leave a Reply

Your email address will not be published. Required fields are marked *

The reCAPTCHA verification period has expired. Please reload the page.

This site uses Akismet to reduce spam. Learn how your comment data is processed.