
raise PBKDF2 iterations in backward compatible way #160

Merged
merged 6 commits into from
Mar 1, 2023

Conversation

@robinmoisson (Owner) commented Feb 26, 2023

Following the discussion on #159, this PR does the following:

  • raise the number of PBKDF2 iterations in a backward compatible way
  • when parsing and upgrading a legacy remember-me hash from 1k to Xk iterations, update the saved hash in localStorage (so that we don't need to recompute the upgrade on each page, we save the upgraded hash after we computed it once and it's now not legacy anymore)
  • show a warning to users who are using a custom password_template
  • the warning points to a github issue with easy instructions to follow to update your password_template
  • update the README to detail what's a good password
  • warn the user if they are using a weak password and suggest a better one

I tested:

  • encrypting from 2.2 with remember-me / auto-decrypt link, then re-encrypting with this PR: the auto-decryption works correctly
  • encrypting with a custom password_template from <2.2: the encryption is done with 1k and a warning message is shown as expected

I'm not yet sure what will be the final iteration count, as the JS implementation is pretty slow and we don't want to impact decrypting users too much. 50k is definitely noticeable, around 1s on a decent CPU.

I think the order of magnitude is what matters: going from 1k to 10k is significant, going from 15k to 50k maybe not so much, so I'll test a little more.

Once that's done and merged in 2.x, another PR will update 1.x.

Legacy template: [screenshot of the custom password_template warning, 2023-02-26]

Short password: [screenshot of the weak password warning, 2023-03-01]

@robinmoisson robinmoisson self-assigned this Feb 26, 2023