Add optional pwnedpasswords.com support to prevent passwords used in data breaches

[dansup]

It would be trivial to implement the API to check against passwords used in data breaches in javascript for the registration page.

API Docs: https://haveibeenpwned.com/API/v2#SearchingPwnedPasswordsByRange

[veb]

Fantastic idea. 👍 +1

[rugk]

:+1:

It should just send the first chars of the hash, so it is totally fine to do that and it does not reveal your password.

[iamdoubz]

Just want to drop a comment here for this. More or less leaving a link to how Nextcloud implemented to be used for future implementation.

Thanks for all your hard work.