Add cms.footlight.io/.well-known/change-password

[saumier]

To facilitate apps like Safari, that prompt users to change their passwords when they are found in security breaches, a request to https://cms.footlight.ion/.well-known/change-password should bring the user to a change password screen. This is a proposed standard. See https://datatracker.ietf.org/doc/html/rfc5785

[troughc]

@saumier what priority would you set for this issue?