You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The library provides an API to maintain password validations easily and is objective in nature. However real life problems require subjectivity, like the problem of password strength is solved wonderfully by zxcvbn.
Till now I have been of the opinion that subjectivity should remain in the user-land. However it is cumbersome for the application developer to use multiple incoherent libraries to achieve a password policy which is in the best interest of the users' security.
An interesting proposition of a plugin system has come forward to solve this problem during an offline discussion with @pgAdmin. Prima facie, a plugin system will make it easier to make subjective password policies without bloating the library and helping the developer manage and customize password policies using the library's well structured API.
I'm creating this issue as a place to discuss and will add more thoughts later.
The text was updated successfully, but these errors were encountered:
The library provides an API to maintain password validations easily and is objective in nature. However real life problems require subjectivity, like the problem of password strength is solved wonderfully by zxcvbn.
Till now I have been of the opinion that subjectivity should remain in the user-land. However it is cumbersome for the application developer to use multiple incoherent libraries to achieve a password policy which is in the best interest of the users' security.
An interesting proposition of a plugin system has come forward to solve this problem during an offline discussion with @pgAdmin. Prima facie, a plugin system will make it easier to make subjective password policies without bloating the library and helping the developer manage and customize password policies using the library's well structured API.
I'm creating this issue as a place to discuss and will add more thoughts later.
The text was updated successfully, but these errors were encountered: