Commit 24c59a3f authored by Benni Mack, committed by Georg Ringer

[FEATURE] Reset password for backend users

This feature adds a link on TYPO3 Backend's login form
to reset a backend user's password if the user has forgotten the password.

Key changes:
* Only enabled for backend users with an email address and a password set
* Enabled by default but can be disabled completely
* Optionally only works for non-admins via TYPO3_CONF_VARS
* Only send out emails to users within the system, but no information disclosure
* If multiple valid users have the same email address, a different email is sent out
* TCA be_users.email is not set to eval=email (due to backwards-compatibility)
* Password resets are only valid for 2 hours (non-configurable)
* Not extensible for third-party authentication methods yet
* Rate limiting is enabled per email address for 3 attempts per 30mins (non-configurable)
* When logging in, all previous tokens are removed
* When requesting multiple resets, only the last email is valid
* A CLI command "backend:resetpassword $backendUrl $emailAddress" sends out an email as well from admins
* Admins can trigger a password reset for users in the BE User module

Resolves: #89513
Releases: master
Change-Id: I9a146d5a9db176d24f2223c5eafb0fb42861e93f
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/63385


Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
parent 4ec39adf
1354 additions and 9 deletions
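
The reset rules listed in the commit message (2-hour validity, 3 requests per 30 minutes per email address, only the last email valid, tokens removed on login), modelled as an added example that is not code from this commit or from TYPO3. The class and method names, the sliding-window counting and the SHA-256 token storage are assumptions; it needs PHP 8.0 or later.

```php
<?php
declare(strict_types=1);
// Hypothetical in-memory model of the rules in the commit message; not TYPO3 code.
final class ResetPolicySketch
{
    private const LIFETIME = 7200;  // reset valid for 2 hours
    private const MAX_ATTEMPTS = 3; // per email address ...
    private const WINDOW = 1800;    // ... per 30 minutes
    private array $attempts = [];   // email => request timestamps
    private array $tokens = [];     // email => single token slot

    public function __construct(private array $knownEmails) {}

    // Returns the token to mail, or null. The caller shows the same response either way.
    public function request(string $email, int $now): ?string
    {
        $recent = array_filter($this->attempts[$email] ?? [], fn (int $t) => $t > $now - self::WINDOW);
        if (count($recent) >= self::MAX_ATTEMPTS) {
            return null;
        }
        $recent[] = $now; // unknown addresses are counted too (assumption)
        $this->attempts[$email] = array_values($recent);
        if (!in_array($email, $this->knownEmails, true)) {
            return null;
        }
        $token = bin2hex(random_bytes(32));
        // Overwriting the slot leaves only the last email valid. Storing a hash is an assumption.
        $this->tokens[$email] = ['hash' => hash('sha256', $token), 'expires' => $now + self::LIFETIME];
        return $token;
    }

    public function redeem(string $email, string $token, int $now): bool
    {
        $slot = $this->tokens[$email] ?? null;
        return $slot !== null && $now <= $slot['expires']
            && hash_equals($slot['hash'], hash('sha256', $token));
    }

    public function onLogin(string $email): void
    {
        unset($this->tokens[$email]); // logging in removes outstanding tokens
    }
}
// Constructed sample data; timestamps are seconds on an arbitrary clock.
$p = new ResetPolicySketch(['editor@example.org']);
$first = $p->request('editor@example.org', 0);
$second = $p->request('editor@example.org', 60);
var_dump($p->redeem('editor@example.org', $first, 120));   // superseded token
var_dump($p->redeem('editor@example.org', $second, 120));  // latest token, in time
var_dump($p->redeem('editor@example.org', $second, 7261)); // latest token, past 2 hours
```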