My Coding Challenge Interview! Sheesh!

/*
You are working on an authentication system and there is a set of rules the users have to follow when picking a new password:

1. It has to be at least 16 characters long.
2. The password cannot contain the word "password". This rule is not case-sensitive.
3. The same character cannot be used more than 4 times. This rule is case-sensitive, "a" and "A" are different characters.
4. The password has to contain at least one uppercase and one lowercase letter.
5. The password has to contain at least one of the following special characters "*","#","@".

Write a function that takes in a password and returns a collection of any rule numbers that are not met.

password_1 = "Strongpwd9999#abc"             ==> []
password_2 = "Less10#"                       ==> [1]
password_3 = "Password@"                     ==> [1,2]
password_4 = "#PassWord011111112222223x"     ==> [2,3]
password_5 = "password#1111111"              ==> [2,3,4]
password_6 = "aaaapassword$$"                ==> [1,2,3,4,5]
password_7 = "LESS10#"                       ==> [1,4]
password_8 = "SsSSSt#passWord"               ==> [1,2]


All test cases:

validate(password_1) ==> []
validate(password_2) ==> [1]
validate(password_3) ==> [1,2]
validate(password_4) ==> [2,3]
validate(password_5) ==> [2,3,4]
validate(password_6) ==> [1,2,3,4,5]
validate(password_7) ==> [1,4]
validate(password_8) ==> [1,2]


Complexity variables:

N = length of the password

time O(n)
space O()

 */

"use strict";


const password_1 = "Strongpwd9999#abc";
const password_2 = "Less10#";
const password_3 = "Password@";
const password_4 = "#PassWord011111112222223x";
const password_5 = "password#1111111";
const password_6 = "aaaapassword$$";
const password_7 = "LESS10#";
const password_8 = "SsSSSt#passWord";







function validate(password) {
  const arrRules = [] 

  // 1. It has to be at least 16 characters long.
  if (password.length < 16) arrRules.push(1)

  // 2. The password cannot contain the word "password". This rule is not case-sensitive.
  if (password.toLowerCase().includes('password')) arrRules.push(2)


  // 3. The same character cannot be used more than 4 times. This rule is case-sensitive, "a" and "A" are different characters.
  const charCounter = {}

  for (const char of password) {
    if (charCounter[char]) {
      charCounter[char] ++ 
    } else {
      charCounter[char] = 1
    }

    if (charCounter[char] > 4) {
      arrRules.push(3)
      break
    }
  }



  // 4. The password has to contain at least one uppercase and one lowercase letter.
  let hasUpperCase = false
  let hasLowerCase = false

  for (const char of password) {
    const decCode = char.charCodeAt(0) 

    if (decCode > 64 && decCode < 91) {
      hasUpperCase = true
    } else if (decCode > 96 && decCode < 123) {
      hasLowerCase = true
    }

    if (hasUpperCase && hasLowerCase) break
  }

  if (!(hasUpperCase && hasLowerCase)) {
    arrRules.push(4)
  }

  // 5. The password has to contain at least one of the following special characters "*","#","@".

  let hasSpecialChar = false

  for (const char of password) {

    if (["*","#","@"].includes(char)) {
      hasSpecialChar = true
      break
    }

  }

  if (!hasSpecialChar) arrRules.push(5)

  return arrRules

}

console.log(validate(password_1))
console.log(validate(password_2))
console.log(validate(password_3))
console.log(validate(password_4))
console.log(validate(password_5))
console.log(validate(password_6))
console.log(validate(password_7))
console.log(validate(password_8))