Background
This spec covers the basic functionality required to provide secure login functionality as the frontispiece for the entire QBO3 application.
Specifically:
passwords need to meet certain security requirements
new users must be able to register and login immediately thereafter
users need to be able to request a password reset
user accounts should be locked after 3 failed login attempts
Specification
The security module
New users can be created
Can request a password reset
allows resetting of a password via a secure link
does not allow short passwords
does not allow weak passwords
does not allow key words
does allow strong passwords
locks an account out after 3 failed login attempts
Can delete users