feat(web): warn on default-password accounts

Track built-in admin and user accounts that still use their
seeded password so the web UI can prompt operators to
rotate credentials after deployment.

- Persist must-change-password state for seeded accounts.
- Clear the reminder after password changes and validate
  empty-password updates.
- Keep the migration and auth API behavior explicit.

easytier-web/frontend-lib/src/locales/cn.yaml

@@ -286,6 +286,9 @@ web:
     logout: 退出登录
     language: 语言
     change_password: 修改密码
+    change_password_now: 立即修改密码
+    default_password_warning: 当前账号仍在使用系统默认密码。为保障安全，请部署完成后立即修改密码。
+    password_changed_relogin: 密码已修改，请重新登录。
 
   device:
     list: 设备列表
@@ -369,6 +372,7 @@ web:
     change_password: 修改密码
     old_password: 旧密码
     new_password: 新密码
+    new_password_empty: 新密码不能为空
     confirm_password: 确认新密码
     language: 语言
     theme: 主题

easytier-web/frontend-lib/src/locales/en.yaml

@@ -286,6 +286,9 @@ web:
     logout: Logout
     language: Language
     change_password: Change Password
+    change_password_now: Change Password Now
+    default_password_warning: This account is still using the default password. Change it immediately after deployment to keep your instance secure.
+    password_changed_relogin: Password changed. Please log in again.
 
   device:
     list: Device List
@@ -369,6 +372,7 @@ web:
     change_password: Change Password
     old_password: Old Password
     new_password: New Password
+    new_password_empty: New password cannot be empty
     confirm_password: Confirm New Password
     language: Language
     theme: Theme