One down side of this is that you can’t reliably enforce password syntax rules. Cause the backend no longer gets the original password. Whilst the frontend can check for password syntax before having it, it can be easily hacked by changing the frontend code