Giving an empty list to the password cache corrupts it by adding
a user in the cache without password. Then, the next time
AuthDb calls getCachedPassword() for the same user, VALID_PASS_FOUND
is returned but there is no password returned by the out argument.

This commit adds a protection in cachePassword() that throw an
invalid_argument exception if the given password list is empty.