Regex for Strong Password
Regex Pattern
^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]{8,}$At least 8 chars with uppercase, lowercase, digit, and special character
Quick Answer
The regex pattern for strong password is `^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]{8,}$`. At least 8 chars with uppercase, lowercase, digit, and special character. This works in JavaScript, Python, Ruby, PHP, Java, and most regex engines that support PCRE syntax.
Test Examples
| Input | Result |
|---|---|
| Password1! | ✓ Matches |
| Str0ng@Pass | ✓ Matches |
| MyP@ss123 | ✓ Matches |
| password | ✗ No match |
| Password | ✗ No match |
| Password1 | ✗ No match |
| Pass! | ✗ No match |
Code Examples
javascript
const regex = /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]{8,}$/;
const isValid = regex.test(value);python
import re
pattern = r'^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]{8,}$'
if re.match(pattern, value):
print("valid")ruby
pattern = /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]{8,}$/
if value =~ pattern
puts "valid"
endphp
if (preg_match('/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]{8,}$/', $value)) {
echo "valid";
}java
String pattern = "^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*[@$!%*?&])[A-Za-z\\d@$!%*?&]{8,}$";
boolean isValid = value.matches(pattern);Frequently Asked Questions
Related Regex Patterns
Password 12+ Characters
At least 12 characters with uppercase, lowercase, and digit
Email Address
Validates a standard email address format
Email (RFC 5322 Compliant)
RFC 5322 compliant email validation with label length limits
URL (HTTP/HTTPS)
Validates HTTP and HTTPS URLs
URL (Any Protocol)
Matches URLs with any protocol (http, https, ftp, ws, etc.)
Domain Name
Validates a domain name (no protocol)