Description
The library provides an API to maintain password validations easily and is objective in nature. However, real-life problems require subjectivity, like the problem of password strength, which is solved wonderfully by zxcvbn.
Till now I have been of the opinion that subjectivity should remain in the user-land. However, it is cumbersome for the application developer to use multiple incoherent libraries to achieve a password policy which is in the best interest of the users' security.
An interesting proposition of a plugin system has come forward to solve this problem during an offline discussion with @pgAdmin. Prima facie, a plugin system will make it easier to make subjective password policies without bloating the library, and will help the developer manage and customize password policies using the library's well-structured API.
I'm creating this issue as a place to discuss and will add more thoughts later.