i would suggest use regular expressions like with regular expression validator,
<asp:RegularExpressionValidator ID="RegExp1" runat="server"
ErrorMessage="Password length must be between 7 to 10 characters"
ControlToValidate=" txtPassword "
ValidationExpression="^[a-zA-Z0-9'@&#.\s]{7,10}$" />