M# Tutorials

Learn to build .NET applications with M#. Our step-by-step tutorials will get you up-to-speed rapidly.
If you already know ASP.NET and C#, you can master M# in a week or two.

Password Strength Enforcement

This tutorial explains enforcing password strength using M# entity events. Any website which requires login should enforce password strength. Simple passwords are easy to guess or to break with a dictionary attack, which could lead to serious consequent if compromised.

You can enforce password strength in “User” entity business class using the “Validate” method. For example, the screenshot below enforces at least one capital letter, at least four letters, at least one number and a minimum of 8 characters.

We could also have implemented this by using a regular expression:

It is advised to avoid using regular expressions as it is difficult to read, maintain and test. If you look at the first screenshot you can notice that we can easily change parameters depending on client needs, without having to change the code or error messages. You can even set those parameters in the application settings and let administrators change this if needed. Moreover we only display the correct error message and not a generic one displaying all the rules, this improves the user experience.