Module password

Argon2id password hashing + verification.

Kept tiny on purpose — no in-memory store, no plugin glue. Password hashes live on the application’s own entity (conventionally a passwordHash column on User), so persistence is the same story as every other row. Router endpoints under /api/auth/password/* call these helpers to mint the hash + verify at login.

Enums

PasswordPolicyError
Reasons a password may be rejected at registration / change time.

Constants

MIN_PASSWORD_LEN
Minimum password length. Better-auth and most modern stacks default to 8; OWASP says 8+ for users + a strength meter, 14+ for admins. We pick 10 as a middle ground — measurably better than 8 with no noticeable UX cost.

Functions

check_pwned
Check a password against the HIBP Pwned Passwords v3 API using k-anonymity — only the first 5 hex characters of the SHA-1 hash leave the box. Returns Ok(0) for “not pwned”, Ok(N) for “pwned N times”, and Err(reason) for HTTP failures (the caller decides whether to fail-open or fail-closed; pylon’s wrappers fail-open so a service outage doesn’t lock everyone out of registration).

dummy_hash
A PHC-format hash of a throwaway string — used to equalize response timing when a login is attempted with an email that isn’t registered. Without this, known-email + wrong-password takes ~50ms (Argon2) and unknown-email takes <1ms, letting an attacker enumerate the user set by response time alone.

hash_password
Hash a password using Argon2id with a random salt. Returns a PHC-format string carrying the algorithm, params, salt, and hash.

validate
Combined “is this password OK?” check — length first, then HIBP. HIBP failures are propagated; the caller decides fail-open/closed.

validate_length
Validate password length. Cheap, pure-Rust check. Run before check_pwned so weak local passwords don’t even hit the network.

verify_password
Verify a password against an Argon2 PHC-format hash. Constant-time comparison is handled internally by Argon2’s verify_password.