I have not thought carefully about all of your code and questions, but here's one suggested technique for how to handle validation code more simply. In most contexts, people find it easier to understand affirmative boolean logic rather than negated logic. My guess is that the bug in is_strong_password() stems from that phenomenon (the function tells me hi is strong, for example). You've created 3 variables to be true when something is wrong but then combined them under the opposite assumption. Here are two alternatives to consider:

# This alternative uses affirmative variables: True means OK. Also notice # how the variable names are a bit more intuitive because of the # affirmative framing. When possible, try to name boolean variables to # convey their nature: is_X, has_X, contains_X, etc. Your current code has # variables names implying that they each hold an "error" of some kind -- # but they do not. Finally, the usage of bool() here is not strictly # necessary, but it does convey intent explicitly. def is_strong_password(password): is_long = len(password) >= 8 has_digits = bool(re.search(r"\d", password)) has_upper = bool(re.search(r"[A-Z]", password)) return is_long has_digits and has_upper # This alternative illustrates a handy code-layout technique # that often works well when doing validation. This version # is shorter (sometimes nice) but less explicit. In this # case, I would tend to favor the short version, because the # checks are so simple. If the complexity were higher, I would # prefer the approach that names every check to increase clarity def is_strong_password(password): return ( len(password) >= 8 and re.search(r"\d", password) and re.search(r"[A-Z]", password) ) 

The is_email_formated_correctly() can be simplified by doing things more directly. In addition, if validate_email() returns True/False you could simplify further by just returning its return value.

def is_email_formated_correctly(email): try: validate_email(email) return True except EmailNotValidError: return False 

I have not thought carefully about all of your code and questions, but here's one suggested technique for how to handle validation code more simply. In most contexts, people find it easier to understand affirmative boolean logic rather than negated logic. My guess is that the bug in is_strong_password() stems from that phenomenon (the function tells me hi is strong, for example). You've created 3 variables to be true when something is wrong but then combined them under the opposite assumption. Here are two alternatives to consider:

# This alternative uses affirmative variables: True means OK. Also notice # how the variable names are a bit more intuitive because of the # affirmative framing. When possible, try to name boolean variables to # convey their nature: is_X, has_X, contains_X, etc. Your current code has # variables names implying that they each hold an "error" of some kind -- # but they do not. Finally, the usage of bool() here is not strictly # necessary, but it does convey intent explicitly. def is_strong_password(password): is_long = len(password) >= 8 has_digit = bool(re.search(r"\d", password)) has_upper = bool(re.search(r"[A-Z]", password)) return is_long and has_digit and has_upper # This alternative illustrates a handy code-layout technique # that often works well when doing validation. This version # is shorter (sometimes nice) but less explicit. In this # case, I would tend to favor the short version, because the # checks are so simple. If the complexity were higher, I would # prefer the approach that names every check to increase clarity def is_strong_password(password): return ( len(password) >= 8 and re.search(r"\d", password) and re.search(r"[A-Z]", password) ) 

The is_email_formated_correctly() can be simplified by doing things more directly. In addition, if validate_email() returns True/False you could simplify further by just returning its return value.

def is_email_formated_correctly(email): try: validate_email(email) return True except EmailNotValidError: return False