Don't let users use their email or first bit of email as a password

[jarofgreen]

https://blog.codinghorror.com/password-rules-are-bullshit/

[jarofgreen]

See https://github.com/OpenACalendar/OpenACalendar-Web-Core/blob/master/core/php/index/controllers/UserController.php - register function.

Would be good if it could be a new function on the user class, then it could have some tests against it.