suggest using password manager (e.g. bitwarden)

suggest people use a password manager (e.g. bitwarden), in appropriate places:

- [ ] creating the password when signing up
- [ ] texts around lost password, on website and emails
- [ ] any other place?

rationale:
- generally good practice to use a password manager
- bitwarden is open source and relatively easy to use