Dan

Validate User Input for Password Complexity

Sun Jan 07, 2024 7:17 pm

Hi,

Whenever the user is asked to enter a password that is later used, e.g. for creating a user on the machine:

Code:

net user /add username password

we should always make sure that the password meets the security standards:

  • at least 8 characters long
  • includes a special character
  • includes an upper-case character
  • includes a digit

Let's see how this can be handled using Advanced Installer.


1) Choose installer theme
Since we are going to edit dialogs, we need to select the installer theme right from the beginning.

For this particular example, we'll select the Serene theme:
[Screenshot: select theme.png]



2) Create the dialog where the user is asked to input the password:

With the Dialog Editor you can create complex scenarios. In our case, we'll have a new dialog where the user will have to input the password:
[Screenshot: dialog password.png]

We can see the following UI elements:

  • Password edit box where the user is asked to input the password
  • A second field for the password so that we can check that the password is well known by the user. If the passwords are not the same, an error will be displayed to the user
  • Validate push button that will execute the custom action that handles the password validation

3) Customize the dialog:
We'll conditionally enable the "Next" control based on the result of the password check.
[Screenshot: control conditions next.png]

3.1) Validate user input on dedicated control
To keep things clearer, we'll add a dedicated push button that executes the custom actions which handle the password check and inform the user whether the password is strong enough or not.
[Screenshot: pubish events validate control.png]

4) Validate password complexity using a custom action

To validate the password complexity we'll use the following PowerShell script:

Code:

#Requires -version 3
Param()

# When testing or debugging your script, you can quickly display a message box
[System.Reflection.Assembly]::LoadWithPartialName('System.Windows.Forms')


# Function to check password complexity
Function Check-PasswordComplexity {
    param (
        [string]$Password
    )

    # Define the regex patterns for the password requirements
    # Note: the length pattern also sets an upper limit of 20 characters
    $LengthPattern = "^.{8,20}$"
    $SpecialCharPattern = '[!@#\$%^&*()_+={}\[\]:;"<>?,./\\|]'
    $UpperCharPattern = '[A-Z]'
    $DigitPattern = '\d'

    # Check each requirement
    $LengthCheck = $Password -match $LengthPattern
    $SpecialCharCheck = $Password -match $SpecialCharPattern
    $UpperCharCheck = $Password -cmatch $UpperCharPattern
    $DigitCheck = $Password -match $DigitPattern

    # Reset the property
    AI_SetMsiProperty PASS_STRONG ""

    # Check if all requirements are met
    if ($LengthCheck -and $SpecialCharCheck -and $UpperCharCheck -and $DigitCheck) {

        Write-Host "Password meets the security standards."
        AI_SetMsiProperty PASS_STRONG "true"

    } else {

        Write-Host "Password does not meet the security standards. Make sure your password is:"

        if (-not $LengthCheck) {
            Write-Host "- at least 8 characters long"
        }
        if (-not $SpecialCharCheck) {
            Write-Host "- includes a special character"
        }
        if (-not $UpperCharCheck) {
            Write-Host "- includes an upper-case character"
        }
        if (-not $DigitCheck) {
            Write-Host "- includes a digit"
        }
        AI_SetMsiProperty PASS_STRONG "false"
    }
}

# Example usage:
#[System.Windows.Forms.MessageBox]::Show($Password)

$Password = AI_GetMsiProperty USR_PASSWORD
Check-PasswordComplexity -Password $Password

In the above custom action, the PASS_STRONG property is set. We'll use this property to conditionally display some informative messages to the user:

  • informative message when the password does not meet the complexity requirements
  • informative message when the passwords do not match
  • informative message when the password passes the complexity requirements

The sample project is attached to this thread, so if you would like to take a look directly at my project, you are more than welcome to download the sample file.

Best regards,
Dan
Attachments
Validate user input.aip
Dan Ghiorghita - Advanced Installer Team
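
The four rules from the post together with the confirmation-field comparison, as an added example that is not part of the original post or the attached project. It runs in a plain PowerShell session without the AI_* helpers; Test-PasswordPolicy and its -ConfirmPassword parameter are hypothetical names, and the sample passwords are constructed.

```powershell
# Added example (not the project's code): policy check that can be tested
# outside the installer. Function and parameter names are hypothetical.
function Test-PasswordPolicy {
    param(
        [string]$Password,
        [string]$ConfirmPassword
    )

    # Same patterns as the custom action in the post
    $rules = [ordered]@{
        'length 8-20'       = '^.{8,20}$'
        'special character' = '[!@#\$%^&*()_+={}\[\]:;"<>?,./\\|]'
        'upper-case letter' = '[A-Z]'
        'digit'             = '\d'
    }

    $failed = @(foreach ($name in $rules.Keys) {
        # -cnotmatch is case-sensitive; plain -notmatch would let 'a' satisfy [A-Z]
        if ($Password -cnotmatch $rules[$name]) { $name }
    })

    # -cne is case-sensitive; plain -ne treats 'Passw0rd!' and 'passw0rd!' as equal
    if ($Password -cne $ConfirmPassword) { $failed += 'confirmation mismatch' }

    [pscustomobject]@{ Strong = ($failed.Count -eq 0); Failed = $failed }
}

# Constructed sample inputs: password, confirmation
$samples = @(
    @('Passw0rd!', 'Passw0rd!'),   # meets all rules
    @('passw0rd!', 'passw0rd!'),   # no upper-case letter
    @('Passw0rd!', 'passw0rd!'),   # confirmation differs only by case
    @('Sh0rt!',    'Sh0rt!')       # too short
)

foreach ($s in $samples) {
    $r = Test-PasswordPolicy -Password $s[0] -ConfirmPassword $s[1]
    '{0,-10} strong={1,-5} failed={2}' -f $s[0], $r.Strong, ($r.Failed -join ', ')
}
```

Inside the installer, the Strong value is what would be written to PASS_STRONG with AI_SetMsiProperty.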