Configurable minimum password length requirement

[jhasse]

In order to discourage the use of insecure passwords, I would like to set a minimum password length requirement.

Original Gogs issue: gogs/gogs#3135

[denji]

realistic password strength estimation: https://github.com/dropbox/zxcvbn

• https://blogs.dropbox.com/tech/2012/04/zxcvbn-realistic-password-strength-estimation/

[bkcsoft]

@denji not exacly relevant. Also given Dropbox track record their advice is the last I'd listen too 😆

[Bwko]

This got fixed by #223