Better UI for self-served password change

[sandhose]

When an account is baked by a password credential, the end user should be able to change their password themselves. This assumes the user have not lost their password, which is different from the password recovery flow covered in #13

The flow would look like this:

• the user go to their MAS user management screen
• they get asked for their old password, their new password and a confirmation of the new password
• their other sessions get (optionally?) all revoked
• (optionally) they get an email to warn them their password change

Subtasks:

• API for setting password #2197

Open questions:

• What knobs should we expose to server admins?
  • Allow password change overall
  • Notify of password changes by email
  • Whether other sessions should be signed out
• Is the password change email notification useful? If so, we need to set the wording/design
• Should we actually revoke sessions? Maybe a middle ground would be to revoke browsers sessions, so sessions in the MAS UI, but not client sessions? That would prevent potential attackers to change sensitive stuff on the account, e.g. the list of emails, delete the account, etc.

Relevant design screens:

• Potential entry point for this flow, the account mgmt screen

[hughns]

#2197 is tracking creating the API needed for this.

[americanrefugee]

Here is the final design in Figma.