Description
Ask the user to define a new password after X days.
Add a configuration option, //$_configuration['security_password_rotate_days'] = 90;. If the value is > 0, consider the feature active.
Add an extra "date" user field called password_updated_at.
If that field has no value yet, ask the user to reset their password (send them to main/auth/reset.php?) and update password_updated_at.
If $_configuration['security_password_rotate_days'] is set and {today - $_configuration['security_password_rotate_days']} > password_updated_at, send the user to the reset page with the message:
$PasswordRotationRequestedAfterXDays = "Your password is more than %s days old. Please update it using the form below.";.
Before updating the password, check whether the encrypted form of the new password is the same as the one stored in the database (this check might already be available through the addNoSamePasswordRule() function). If it is, ask again with the message:
$PasswordRotationRequestedPasswordCannotBeTheSame = "The new password must be different from the previous one.";.
BT#21146
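The rotation logic described above, as an added stand-alone example (not Chamilo's code and not tied to its user model): it reads the proposed security_password_rotate_days option, decides whether a user must be sent to the reset page, stamps password_updated_at after a successful change, and rejects a new password equal to the stored one. Function names, the $user array shape and the use of PHP's password_hash()/password_verify() are assumptions; the project's own hashing scheme may differ. One caveat worth noting for the "same encrypted form" check: with salted hashes two encryptions of the same password do not produce equal strings, so the comparison has to verify the candidate against the stored hash rather than compare hash strings.

```php
<?php
// Added example, not part of the Chamilo project. Assumptions: the
// $_configuration['security_password_rotate_days'] option from the issue, a user
// record with a 'password_updated_at' value ("Y-m-d H:i:s" or null), and stored
// hashes produced by password_hash() (the real project's scheme may differ).
declare(strict_types=1);

// Number of days after which a password must be rotated, or 0 when the
// feature is inactive (option absent, empty, or not > 0).
function passwordRotateDays(array $configuration): int
{
    $days = (int) ($configuration['security_password_rotate_days'] ?? 0);
    return $days > 0 ? $days : 0;
}

// Why the user must be sent to the reset page, or null if no action is needed:
//   'never_set' -> password_updated_at has no value yet
//   'expired'   -> {today - rotate_days} > password_updated_at
function passwordRotationReason(array $configuration, ?string $passwordUpdatedAt, DateTimeImmutable $today): ?string
{
    $days = passwordRotateDays($configuration);
    if ($days === 0) {
        return null;
    }
    if ($passwordUpdatedAt === null || $passwordUpdatedAt === '') {
        return 'never_set';
    }
    $updatedAt = new DateTimeImmutable($passwordUpdatedAt);
    $threshold = $today->sub(new DateInterval('P' . $days . 'D'));
    return $threshold > $updatedAt ? 'expired' : null;
}

// Message for the reset page; the %s placeholder is filled with the configured
// number of days, as in the $PasswordRotationRequestedAfterXDays string.
function passwordRotationMessage(string $reason, int $days): string
{
    $PasswordRotationRequestedAfterXDays = "Your password is more than %s days old. Please update it using the form below.";
    if ($reason === 'expired') {
        return sprintf($PasswordRotationRequestedAfterXDays, $days);
    }
    return 'Please set a new password using the form below.'; // assumed wording for 'never_set'
}

// The "not the same as the previous one" rule: the candidate is verified
// against the stored hash instead of comparing hash strings, because salted
// hashes of the same password differ. Returns an error message or null.
function checkNewPasswordDiffers(string $newPlain, string $storedHash): ?string
{
    $PasswordRotationRequestedPasswordCannotBeTheSame = "The new password must be different from the previous one.";
    if (password_verify($newPlain, $storedHash)) {
        return $PasswordRotationRequestedPasswordCannotBeTheSame;
    }
    return null;
}

// Store the new hash and stamp password_updated_at, the step that closes the
// rotation cycle after a successful reset.
function applyPasswordChange(array $user, string $newPlain, DateTimeImmutable $now): array
{
    $user['password'] = password_hash($newPlain, PASSWORD_DEFAULT);
    $user['password_updated_at'] = $now->format('Y-m-d H:i:s');
    return $user;
}

// Constructed walkthrough with a fixed "today" so the result is reproducible.
$_configuration = ['security_password_rotate_days' => 90];
$today = new DateTimeImmutable('2024-06-01 00:00:00');
$days = passwordRotateDays($_configuration);

foreach (['2024-05-01 10:00:00', '2024-01-15 10:00:00', null] as $updatedAt) {
    $reason = passwordRotationReason($_configuration, $updatedAt, $today);
    printf("password_updated_at=%s -> %s\n", $updatedAt ?? 'NULL',
        $reason === null ? 'no action' : passwordRotationMessage($reason, $days));
}

$user = ['password' => password_hash('old-secret', PASSWORD_DEFAULT), 'password_updated_at' => null];
echo checkNewPasswordDiffers('old-secret', $user['password']) ?? 'different password accepted', "\n";
if (checkNewPasswordDiffers('new-secret', $user['password']) === null) {
    $user = applyPasswordChange($user, 'new-secret', $today);
    echo 'password_updated_at is now ', $user['password_updated_at'], "\n";
}
```

The two expiry checks are deliberately separate: the "no value yet" case is handled before any date arithmetic, so a user created before the field existed is sent to the reset page instead of being compared against an empty timestamp.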