Java Code Example: check password strength

The following Java program is designed to evaluate the strength of a user’s password. It checks for various criteria, including the presence of uppercase and lowercase letters, digits, special characters, and overall length. Based on these checks, the program categorizes the password strength as either “strong” or “medium,” and provides specific feedback if any criteria are not met.

Code Example

import java.util.Scanner;

class PasswordCheck{
    public static void checkPassword(String password) {
        int upperChars = 0, lowerChars = 0, specialChars = 0, digits = 0, length;
        char ch;
        length = password.length();

        if (length < 6) {
            System.out.println("Password must be at least 6 characters long!\n");
            return;
        } else {
            for (int i = 0; i < length; i++) {
                ch = password.charAt(i);
                if (Character.isUpperCase(ch)) {
                    upperChars++;
                } else if (Character.isLowerCase(ch)) {
                    lowerChars++;
                } else if (Character.isDigit(ch)) {
                    digits++;
                } else {
                    specialChars++;
                }
            }
        }

        if (upperChars != 0 && lowerChars != 0 && digits != 0 && specialChars != 0) {
            if (length >= 10) {
                System.out.println("The strength of password is strong.\n");
            } else {
                System.out.println("The strength of password is medium.\n");
            }
        } else {
            if (upperChars == 0)
                System.out.println("Password must contain at least one uppercase character!\n");
            if (lowerChars == 0)
                System.out.println("Password must contain at least one lowercase character!\n");
            if (specialChars == 0)
                System.out.println("Password must contain at least one special character!\n");
            if (digits == 0)
                System.out.println("Password must contain at least one digit!\n");
        }
    }

    public static void main(String[] args) {
        Scanner scan = new Scanner(System.in);
        System.out.print("Please enter password: ");
        String password = scan.nextLine();

        scan.close();

        checkPassword(password);
    }
}

Output

[first_run]
Please enter password: 34rT%
Password must be at least 6 characters long!

[second_run]
Please enter password: 23456weretsDFDS
Password must contain at least one special character!

[third_run]
Please enter password: 456ztr7TZ$$
The strength of password is strong.

Code Explanation

Password Checking Method

Method Signature
public static void checkPassword(String password) {

This method checkPassword is a static method that takes a single String parameter named password. It performs the password validation and prints appropriate messages.

Variable Initialization
int upperChars = 0, lowerChars = 0, specialChars = 0, digits = 0, length;
char ch;
length = password.length();

Here, several variables are initialized:

  • upperChars, lowerChars, specialChars, digits are counters for different types of characters in the password.
  • length stores the length of the password.
  • ch is a temporary variable used to hold each character of the password during iteration.
Length Check
if (length < 6) {
    System.out.println("Password must be at least 6 characters long!\n");
    return;
}

This condition checks if the password length is less than 6 characters. If true, it prints a message and exits the method.

Character Analysis
for (int i = 0; i < length; i++) {
    ch = password.charAt(i);
    if (Character.isUpperCase(ch)) {
        upperChars++;
    } else if (Character.isLowerCase(ch)) {
        lowerChars++;
    } else if (Character.isDigit(ch)) {
        digits++;
    } else {
        specialChars++;
    }
}

This for loop iterates over each character of the password. Depending on the type of character, it increments the corresponding counter:

  • Character.isUpperCase(ch) checks for uppercase letters.
  • Character.isLowerCase(ch) checks for lowercase letters.
  • Character.isDigit(ch) checks for digits.
  • The else statement accounts for special characters.
Password Strength Evaluation
Strong Password Check
if (upperChars != 0 && lowerChars != 0 && digits != 0 && specialChars != 0) {
    if (length >= 10) {
        System.out.println("The strength of password is strong.\n");
    } else {
        System.out.println("The strength of password is medium.\n");
    }
}

This nested if condition checks if the password contains at least one of each type of character. If true, it further checks the length:

  • If the length is 10 or more, it categorizes the password as “strong.”
  • Otherwise, it categorizes it as “medium.”
Missing Character Type Feedback
else {
    if (upperChars == 0)
        System.out.println("Password must contain at least one uppercase character!\n");
    if (lowerChars == 0)
        System.out.println("Password must contain at least one lowercase character!\n");
    if (specialChars == 0)
        System.out.println("Password must contain at least one special character!\n");
    if (digits == 0)
        System.out.println("Password must contain at least one digit!\n");
}

If the password does not meet the criteria for containing all types of characters, this else block provides specific feedback about which type(s) of characters are missing.

Main Method

Method Signature
public static void main(String[] args) {

This is the main method where the program execution begins.

Reading User Input
Scanner scan = new Scanner(System.in);
System.out.print("Please enter password: ");
String password = scan.nextLine();

These lines create a Scanner object to read input from the user. It prompts the user to enter a password and reads the input.

Invoking the Password Check
checkPassword(password);

This line calls the checkPassword method with the user-provided password as the argument.