fix: Password uses char count not byte length, redact Debug output, tighten test assertion

crates/application/src/auth/tests/register.rs

@@ -60,5 +60,6 @@ async fn test_register_short_password_fails() {
         },
     )
     .await;
-    assert!(result.is_err());
+    let err = result.unwrap_err().to_string();
+    assert!(err.contains("8 characters"), "expected password length error, got: {err}");
 }

crates/domain/src/value_objects.rs

@@ -252,14 +252,20 @@ impl PosterUrl {
     }
 }
 
-#[derive(Clone, Debug, PartialEq, Eq)]
+#[derive(Clone, PartialEq, Eq)]
 pub struct Password(String);
 
+impl std::fmt::Debug for Password {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        f.write_str("Password([REDACTED])")
+    }
+}
+
 impl Password {
     const MIN_LENGTH: usize = 8;
 
     pub fn new(raw: String) -> Result<Self, DomainError> {
-        if raw.len() < Self::MIN_LENGTH {
+        if raw.chars().count() < Self::MIN_LENGTH {
             Err(DomainError::ValidationError(
                 "Password must be at least 8 characters".into(),
             ))