Whenever the user is asked to enter a password that is latter used. e.g. creating a user on the machine
Code: Select all
net user /add username password
we should always make sure that the password meets the security standards:
- at least 8 character long
- includes a special character
- includes an upper-case character
- includes a digit
1) Choose installer theme
Since we are going to edit dialogs, we need to select the installer theme right from the beginning.
For this particular example, we'll select the Serene theme:
- select theme.png (71.11KiB)Viewed 121814 times
2) Create the dialog where user is asked to input the password:
With the Dialog Editor you can create complex scenario. In our case, we'll have a new dialog where the user will have to input the password:
- dialog password.png (77.6KiB)Viewed 121814 times
We can see the the following UI elements:
- Password edit box where the user is asked to input the password
- A second field for the password so that we can check the password is well know by the user. In case the password is not the same, an error will be displayed to the user
- Validate push button that will execute the custom action that handles the password validation
3) Customize the dialog:
We'll conditionally enable the "Next" control based on the result of the password check.
- control conditions next.png (41.79KiB)Viewed 121814 times
3.1) Validate user input on dedicated control
To keep things more clear, we'll add a dedicated push button to execute the custom actions that handle the password check and informing the user if the password is strong enough or not.
- pubish events validate control.png (63.38KiB)Viewed 121814 times
4.Validate password complexity using custom action
To validate the password complexity we'll use the following PowerShell script:
Code: Select all
#Requires -version 3
Param()
# When testing or debugging your script, you can quickly display a message box
[System.Reflection.Assembly]::LoadWithPartialName('System.Windows.Forms')
# Function to check password complexity
Function Check-PasswordComplexity {
param (
[string]$Password
)
# Define the regex patterns for the password requirements
$LengthPattern = "^.{8,20}$"
$SpecialCharPattern = '[!@#\$%^&*()_+={}\[\]:;"<>?,./\\|]'
$UpperCharPattern = '[A-Z]'
$DigitPattern = '\d'
# Check each requirement
$LengthCheck = $Password -match $LengthPattern
$SpecialCharCheck = $Password -match $SpecialCharPattern
$UpperCharCheck = $Password -cmatch $UpperCharPattern
$DigitCheck = $Password -match $DigitPattern
# reset property
AI_SetMsiProperty PASS_STRONG ""
# Check if all requirements are met
if ($LengthCheck -and $SpecialCharCheck -and $UpperCharCheck -and $DigitCheck) {
Write-Host "Password meets the security standards."
AI_SetMsiProperty PASS_STRONG "true"
} else {
Write-Host "Password does not meet the security standards. Make sure your password is:"
if (-not $LengthCheck) {
Write-Host "- at least 8 characters long"
}
if (-not $SpecialCharCheck) {
Write-Host "- includes a special character"
}
if (-not $UpperCharCheck) {
Write-Host "- includes an upper-case character"
}
if (-not $DigitCheck) {
Write-Host "- includes a digit"
}
AI_SetMsiProperty PASS_STRONG "false"
}
}
# Example usage:
#[System.Windows.Forms.MessageBox]::Show($Password)
$Password = AI_GetMsiProperty USR_PASSWORD
Check-PasswordComplexity -Password $PasswordIn the above custom action, the PASS_STRONG property is set. We'll use this property to conditionally display some informative messages to the user:
- informative message when the password does not meet the complexity
- informative message when the password does not match
- informative message when the password pass the complexity requirements
Best regards,
Dan