Is your feature request related to a problem? Please describe.
Since version 1.2.0, Nacos has provided a default authentication plugin to facilitate user access, complete with default username and password. However, the use of default passwords can pose a security risk, making it easy for malicious individuals to exploit the system, leading to potential data breaches.
Therefore, we have researched other products in the open-source community and found that most products facing this issue adopt an approach that requires either password generation upon enabling authentication or mandates users to set their own passwords, rather than using a uniform default value.
Following this best practice design principle, the Nacos community plans to eliminate the default password policy. Upon first-time activation of authentication, users will define a one-time password through the console or an API. This API and the console's initial password setup feature will only be active for initial setup; once an admin account is created in the cluster, the feature cannot be invoked again.
For users who are upgrading and have admin accounts with the default password 'nacos,' a prompt will be displayed on the console indicating the presence of the default password and recommending a change.
The Nacos community believes that this change, combined with the removal of the default value for token.secure.key introduced in Nacos 2.2 and the console prompts indicating that authentication is not enabled, will significantly reduce the risk of data breaches in newer versions of Nacos.
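The two mechanisms the proposal describes, a bootstrap endpoint that works only until the first admin exists and an upgrade-time check that flags admins still on the default password, modelled as an added Python example. This is not Nacos code: the `AuthStore` class, the PBKDF2 parameters, the 8-character minimum and the sample accounts are assumptions made for illustration.

```python
from __future__ import annotations

import hashlib
import hmac
import os
import secrets
from dataclasses import dataclass, field

# Legacy default credential the issue proposes to eliminate.
DEFAULT_PASSWORD = "nacos"
PBKDF2_ROUNDS = 200_000  # assumption: any modern slow password hash would do


def hash_password(password: str, salt: bytes | None = None) -> tuple[bytes, bytes]:
    """Salted PBKDF2-HMAC-SHA256; returns (salt, digest)."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest


def verify_password(password: str, salt: bytes, digest: bytes) -> bool:
    """Constant-time comparison against the stored digest."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return hmac.compare_digest(candidate, digest)


@dataclass
class AuthStore:
    """Hypothetical admin-account store standing in for the server's user table."""
    admins: dict = field(default_factory=dict)  # username -> (salt, digest)

    def admin_exists(self) -> bool:
        return bool(self.admins)

    def init_admin(self, username: str, password: str | None = None) -> str:
        """One-time bootstrap endpoint.

        Creates the first admin. Once any admin exists the call is refused, so
        the endpoint cannot later be used to add or overwrite accounts. With no
        password supplied, a random one is generated and returned exactly once
        (the 'password generation on enabling auth' option from the issue).
        """
        if self.admin_exists():
            raise PermissionError("admin account already present; initial setup is disabled")
        if password is None:
            password = secrets.token_urlsafe(18)
        elif password == DEFAULT_PASSWORD or len(password) < 8:
            raise ValueError("refusing the legacy default or a password shorter than 8 characters")
        self.admins[username] = hash_password(password)
        return password

    def default_password_warnings(self) -> list[str]:
        """Upgrade check: admins whose stored hash still verifies against 'nacos'."""
        return [
            user for user, (salt, digest) in self.admins.items()
            if verify_password(DEFAULT_PASSWORD, salt, digest)
        ]


def upgraded_cluster_fixture() -> AuthStore:
    """Constructed sample: a pre-upgrade cluster whose admin kept the default."""
    store = AuthStore()
    store.admins["nacos"] = hash_password(DEFAULT_PASSWORD)
    return store


def demo() -> dict:
    """Exercise the fresh-install and upgrade paths; return what was observed."""
    fresh = AuthStore()
    generated = fresh.init_admin("nacos")  # first call: allowed, password generated
    try:
        fresh.init_admin("second-admin", "Str0ngPassw0rd")  # constructed second attempt
        second_call_blocked = False
    except PermissionError:
        second_call_blocked = True
    legacy = upgraded_cluster_fixture()
    return {
        "generated_is_not_default": generated != DEFAULT_PASSWORD,
        "fresh_warnings": fresh.default_password_warnings(),
        "second_call_blocked": second_call_blocked,
        "legacy_warnings": legacy.default_password_warnings(),
        "only_first_admin": sorted(fresh.admins) == ["nacos"],
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The warning check deliberately re-verifies the stored hash against the literal default rather than storing a "is default" flag: a flag can drift out of sync with the credential, while the hash cannot. The one-time endpoint is gated on "any admin exists", which is also what prevents the setup feature from being re-invoked after the first account is created.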