If you take a look at this MSDN link, it gives an example of a password validation RegEx expression, and (more specifically) how to use it in ASP.NET.
For what you're looking to accomplish, this should work:
(?!^[0-9]*$)(?!^[a-zA-Z]*$)^([a-zA-Z0-9]{8,20})$
This requires at least one digit, at least one alphabetic character, no special characters, and from 8-20 characters in length.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…