Tag auth

Password policies

One of tasks I was working on recently is related to password policies. Of course, everything is configurable in code right now. In this note I want to tell you about some my decisions and how I got to them. My first idea was creating an interface that any policy will have to satisfy. type PasswordPolicy interface { Verify(pass string) error } That make sense, doesn’t it? When I was working on specific policy implementation I had a feeling that the type doesn’t have to be an interface.