Skip to content
Validates password according to flexible and intuitive specification
Branch: master
Clone or download
Latest commit 550b59a Sep 11, 2019


npm version npm downloads build status coverage status


npm install password-validator


var passwordValidator = require('password-validator');

// Create a schema
var schema = new passwordValidator();

// Add properties to it
.is().min(8)                                    // Minimum length 8
.is().max(100)                                  // Maximum length 100
.has().uppercase()                              // Must have uppercase letters
.has().lowercase()                              // Must have lowercase letters
.has().digits()                                 // Must have digits
.has().not().spaces()                           // Should not have spaces
.is().not().oneOf(['Passw0rd', 'Password123']); // Blacklist these values

// Validate against a password string
// => true
// => false

// Get a full list of rules which failed
console.log(schema.validate('joke', { list: true }));
// => [ 'min', 'uppercase', 'digits' ]


Rules supported as of now are:

Rules Descriptions
digits() specifies password must include digits
letters() specifies password must include letters
lowercase() specifies password must include lowercase letters
uppercase() specifies password must include uppercase letters
symbols() specifies password must include symbols
spaces() specifies password must include spaces
min(len) specifies minimum length
max(len) specifies maximum length
oneOf(list) specifies the whitelisted values
not([regex]) inverts the result of validations applied next
is() inverts the effect of not()
has([regex]) inverts the effect of not() and applies a regex (optional)


The following options can be passed to validate method:

  • list - If set, validate method returns a list of rules which failed instead of true/false.


For APIs of other older versions, head to Wiki.


MIT License

You can’t perform that action at this time.