Replace static, weak password

Nick Malcolm requested to merge nmalcolm-master-patch-12768 into master

What does this MR do?

The documentation currently provides an example where a user's password is set to 'secret_pass'. This might encourage administrators to actually use that value, which would be insecure.

I suggest we either:

  • use a placeholder value like INSERT_SECURE_PASSWORD_HERE
    • Downside: administrators might not be familiar with Ruby libraries and which ones are suitable for creating secure random values
    • Downside: administrators might use that value as the literal password, and therefore the issue is still the same
  • provide a means to generate a secure password (this MR). Examples:
    • Gitlab::Utils.force_utf8(::User.random_password) via https://gitlab.com/gitlab-com/gl-security/security-operations/sirt/operations/-/issues/2167#note_892624590
      • Upside: will ensure the password meets any configured password length requirements (using max length)
      • Downside: these methods might change in future releases of GitLab, or might not exist in past releases of GitLab, and this script wouldn't work
    • SecureRandom.base64(24)
      • Upside: should work in almost all cases because SecureRandom is a standard lib
      • Downside: might not meet length requirements
    • Something else?
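The two options above can be combined so that the documented snippet degrades gracefully: use the GitLab helper when the running release defines it, otherwise fall back to the standard library, and in both cases adjust the result to the instance's configured length range. This is an added example, not code from this MR or from GitLab; the `min_length`/`max_length` defaults and the helper names `fit_length` and `generate_console_password` are assumptions.

```ruby
require 'securerandom'

# Added example (not GitLab's own code). Returns true when the GitLab
# helper mentioned in the MR exists in this release.
def gitlab_helper_available?
  defined?(::User) && ::User.respond_to?(:random_password)
end

# Bring a candidate password into [min_length, max_length]. base64(24)
# yields 32 characters regardless of policy, so it may be too short or too
# long for a given instance; alphanumeric(n) gives exactly n characters.
def fit_length(password, min_length, max_length)
  return password if password.length.between?(min_length, max_length)
  return password[0, max_length] if password.length > max_length

  password + SecureRandom.alphanumeric(min_length - password.length)
end

# Generate a console password that meets the configured length limits.
# The default limits here are assumed values, not GitLab's defaults.
def generate_console_password(min_length: 8, max_length: 128)
  raise ArgumentError, 'min_length must not exceed max_length' if min_length > max_length

  if gitlab_helper_available?
    # Option 1 from the MR: honours the instance's password settings.
    candidate = ::User.random_password
    candidate = Gitlab::Utils.force_utf8(candidate) if defined?(Gitlab::Utils)
  else
    # Option 2 from the MR: standard library only, works on any release.
    candidate = SecureRandom.base64(24)
  end

  fit_length(candidate, min_length, max_length)
end
```

Outside a GitLab Rails console `gitlab_helper_available?` is false, so the standard-library path runs; inside one it picks the GitLab helper automatically.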

Related issues

Author's checklist

If you are a GitLab team member and only adding documentation, do not add any of the following labels:

  • ~"frontend"
  • ~"backend"
  • ~"type::bug"
  • ~"database"

These labels cause the MR to be added to code verification QA issues.

Reviewer's checklist

Documentation-related MRs should be reviewed by a Technical Writer for a non-blocking review, based on Documentation Guidelines and the Style Guide.

  • If the content requires it, ensure the information is reviewed by a subject matter expert.
  • Technical writer review items:
    • Ensure docs metadata is present and up-to-date.
    • Ensure the appropriate labels are added to this MR.
    • Ensure a release milestone is set.
    • If relevant to this MR, ensure content topic type principles are in use, including:
      • The headings should be something you'd do a Google search for. Instead of Default behavior, say something like Default behavior when you close an issue.
      • The headings (other than the page title) should be active. Instead of Configuring GDK, say something like Configure GDK.
      • Any task steps should be written as a numbered list.
      • If the content still needs to be edited for topic types, you can create a follow-up issue with the docs-technical-debt label.
  • Review by assigned maintainer, who can always request/require the reviews above. Maintainer's review can occur before or after a technical writer review.