<asp:TextBox ID="txtpass" runat="server"></asp:TextBox><br />
<asp:RegularExpressionValidator ID="Regex5" runat="server" ControlToValidate="txtpass"
ValidationExpression="^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[$@$!%*?&])[A-Za-z\d$@$!%*?&]{8,10}"
ErrorMessage="Password must contain: Minimum 8 and Maximum 10 characters atleast 1 UpperCase Alphabet, 1 LowerCase Alphabet, 1 Number and 1 Special Character"
ForeColor="Red" />
for example:
PaSs@123