Provide password strength logic and facilities, along with docs, potential REST usage
Document dependencies being used
Allow encrypting other kinds of payloads easily apart from bewaking tokens
Add tests for is-token-expired?
is-token-expired?
verify token expired in usages of bewaking
Explain token payload
expand default token validity to around 30 days