Is the example flawed?

In the javascript Regex section i have been having the hardest time with positive/negative lookaheads.
It’s been over a week and im still stuck. Very little info i can understand online.
But is the example given in the lesson flawed?

Here it is:

let password = "abc123";
let checkPass = /(?=\w{3,6})(?=\D*\d)/;
checkPass.test(password);

Its trying to check for a password with 3,6 numbers and any number of digits.
But i assume this is wrong since “a123” passes, only 1 digit.

Am i correct to assume this is broken due to \w?

Also what does \D*\d do? it checks for non digits then any digit? It’s very odd to me.

Here’s the link to the lesson: https://www.freecodecamp.org/learn/javascript-algorithms-and-data-structures/regular-expressions/positive-and-negative-lookahead

Here is a (naively) simple password checker that looks for between 3 and 6 characters and at least one number:

Digits are 1,2,3,4,5,6,7,8,9,0

Your a123 has 4 characters of which 3 are digits/numbers

When you build the regex you may use some helper resources like regex101: build, test, and debug regex It will break down for you your regex and give you detailed explanation of what’s going on.

doesnt it seem like when it says 3-6 letters and then implys numbers that it doesnt count numbers as letters?
as a programmer i understand why ‘1’ is a character but if i were a member making a password for this, i would never relise based on that “0000” would be a valid password.

I guess the wording makes it rather confusing for me

But it doesn’t say “letters”, it says characters

As the lookaheads look from same position, that make sure that the number(s) can be anywhere in the string