Polyrific-Inc / Playground-Core

The Playground app with dotnet core

Improve login security #8

Open affand opened 6 years ago

affand commented 6 years ago

Some IdentityOptions attributes need to be set in Startup.cs in order to guide the user to create a secure password & improve login security:

```csharp
services.Configure<IdentityOptions>(options =>
{
    // Password settings
    options.Password.RequireDigit = true;
    options.Password.RequiredLength = 8;
    options.Password.RequireNonAlphanumeric = true;
    options.Password.RequireUppercase = true;
    options.Password.RequireLowercase = true;
    options.Password.RequiredUniqueChars = 6;

    // Lockout settings
    options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(30);
    options.Lockout.MaxFailedAccessAttempts = 10;
    options.Lockout.AllowedForNewUsers = true;

    // User settings
    options.User.RequireUniqueEmail = true;
});
```

frandi commented 6 years ago

This is good, thanks. Although I think some of them are subjective opinions, it's a good start, and we'll surely tweak it over time. We might even want to integrate it with an external service like https://haveibeenpwned.com/API/v2.
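
One way the breached-password check suggested in this thread could sit next to the `IdentityOptions` rules, as an added example that is not part of the issue or the project's code. It assumes the Pwned Passwords range endpoint (`https://api.pwnedpasswords.com/range/`), an `HttpClient` resolvable from DI, and a hypothetical `PwnedPassword` error code.

```csharp
using System;
using System.Linq;
using System.Net.Http;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Identity;

// Added example: rejects passwords that appear in the Pwned Passwords corpus.
// Only the first 5 hex characters of the SHA-1 hash leave the server (k-anonymity).
public class PwnedPasswordValidator<TUser> : IPasswordValidator<TUser> where TUser : class
{
    private readonly HttpClient _http; // assumption: supplied by DI
    public PwnedPasswordValidator(HttpClient http) => _http = http;

    public async Task<IdentityResult> ValidateAsync(UserManager<TUser> manager, TUser user, string password)
    {
        string hash;
        using (var sha1 = SHA1.Create())
            hash = BitConverter.ToString(sha1.ComputeHash(Encoding.UTF8.GetBytes(password))).Replace("-", "");

        string body;
        try
        {
            body = await _http.GetStringAsync("https://api.pwnedpasswords.com/range/" + hash.Substring(0, 5));
        }
        catch (Exception ex) when (ex is HttpRequestException || ex is TaskCanceledException)
        {
            // Design choice: fail open on an outage or timeout; the IdentityOptions rules still apply.
            return IdentityResult.Success;
        }

        if (!IsListed(body, hash.Substring(5))) return IdentityResult.Success;
        return IdentityResult.Failed(new IdentityError
        {
            Code = "PwnedPassword", // hypothetical error code
            Description = "This password appears in a known data breach. Choose a different one."
        });
    }

    // Each response line has the form "<35-hex-char hash suffix>:<occurrence count>".
    public static bool IsListed(string rangeBody, string suffix) =>
        rangeBody.Split(new[] { '\r', '\n' }, StringSplitOptions.RemoveEmptyEntries)
                 .Any(line => line.Split(':')[0].Equals(suffix, StringComparison.OrdinalIgnoreCase));
}
```

The validator runs in addition to the built-in rules once it is registered on the identity builder with `AddPasswordValidator<PwnedPasswordValidator<ApplicationUser>>()`, where `ApplicationUser` stands in for the app's user type.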