Currently, the password validation algorithm makes a REST call for every keystroke entered by the user. If the user types quickly, this can result in lost keystrokes due to the latency of the REST call.
Our solution to this is to track the length of the input password. If the length has not changed since the last REST call, don't make another one. By doing so, it eliminates un-necessary calls to the REST service and improves the reliability of the algorithm so that keystrokes are not lost.