Check the password strength in Python

Lets us see how to check the strength of the password in Python in this tutorial. Here in this tutorial, we are going to learn how to classify a password according to its strength.

Generally, we think of using functions (with isdigit(), islower(), isupper()), importing ascii_lower, ascii_upper, digits from string, importing packages like PasswordPolicy from password_strength and program accordingly.

Let us now do it in the simplest way…

To classify a password according to its strength

Now, let us do this using regular expressions.

So initially, a password must have 8 characters or more than that.
To have a strong password we must have a digit, a lowercase, an uppercase and a special character or else it is considered as weak.

Regular expression for a strong password 

((?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[[email protected]#$%^&*]).{6,20}) 
# regular expression to say the password is strong.

This is the regular expression for strong password.

(?=.*\d)” says that it must contain one digit similarly we say that for lowercase, uppercase and special characters.
Here ,”{8,30}” tells that its length is at least 8 characters and maximum of 30 characters.

Regular expression for weak password 

((\d*)([a-z]*)([A-Z]*)([[email protected]#$%^&*]*).{6,20})
# regular expression to tell the password is weak.

This is the regular expression for weak password.

Here * indicates zero or more than that.

To use regular expressions we need to import re.

Let us have a look on code now.

import re
v=input("Enter the password:")
    if(bool(re.match('((?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[[email protected]#$%^&*]).{8,30})',v))==True):
        print("The password is strong")
    elif(bool(re.match('((\d*)([a-z]*)([A-Z]*)([[email protected]#$%^&*]*).{8,30})',v))==True):
        print("The password is weak")
    print("You have entered an invalid password.")

So, here in our code, we have used the Python len() to know the length of the entered string(input given by the user).
If the length of the string is more than 8 characters then only it is considered as a valid string.


The “match()” is a function from module “re”. This function helps to match regular expressions with the string.
Here, in our code, the re.match() function is allowed to return a Boolean value because we are saying the re.match() to return Boolean by putting it in bool.
Generally, the re.match() function returns a match object on success and None on failure.

bool(re.match('((?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[[email protected]#$%^&*]).{6,20})',v)
bool(re.match('((\d*)([a-z]*)([A-Z]*)([[email protected]#$%^&*]*).{6,20})',v)
# returns a boolean value.

Now, let us see the output.


Here are our three outputs.

Enter the password:man67
You have entered an invalid password.
Enter the password:[email protected]
The password is strong.
Enter the password:[email protected]
The password is weak.

Also, read:


From our code, it is understood that we are detecting whether a string contains digits, alphabets, special characters or not.
Here is the link for you to detect if a string contains special characters or not.

So we have learned how to check the password strength in Python with example.

One response to “Check the password strength in Python”

  1. Adam says:

    Write a program that checks the strength of a password. The password is strong if it has…
    At least 1 letter between [a-z] and 1 letter between [A-Z]
    At least 1 number between [0-9]
    At least 1 character from [[email protected]#$%^&*]
    Minimum length of 6 characters
    Print out whether or not the password is strong by looping through each character of the password individually. Loop the whole program until the user inputs a password that is strong enough.

Leave a Reply

Your email address will not be published. Required fields are marked *