Add password quirk for kennedy-center.org

[vcsjones]

Overall Checklist

• [X] I agree to the project's Developer Certificate of Origin
• [X] The top-level JSON objects are sorted alphabetically
• [X] There are no open pull requests for the same update

for password-rules.json

• [X] The given rule isn't particularly standard and obvious for password managers
• [X] Generated passwords have been tested from this rule using the Password Rules Validation Tool
• [X] Information has been included about the website's requirements (eg. screenshots, error messages, steps during experimentation, etc.)
• [X] The PR isn't documenting something that would be a common practice among password managers (e.g. minimal length of 6)

Here is a screenshot of the Kennedy Center website with its password rules.

Their explanation text is incomplete.

The site also requires a lower-case letter, I think it is just implied. Their actual password validation regex is ^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&#])[A-Za-z\d@$!%*?&#]{8,}$. You can see that one of the criteria is [a-z].