Improve Security for Account Settings (Password & Email Change)

I’d like to suggest a couple of important improvements to the Account Settings > Login Information section:

  1. Password Security
    Currently, users can change their password to a single character. This poses a significant security risk. It would be beneficial to enforce a strong password policy, such as:

    • Minimum of 10 characters
    • At least one uppercase letter, one lowercase letter, one number, and one special character
    • Prevent use of previously breached passwords
  2. Email Change Verification
    Users can change their email address without any confirmation or notification. This is another security concern. Ideally, the system should:

    • Require users to verify the new email address before applying the change
    • Notify the old email address about the change
    • Optionally delay the change for a short period (e.g., 24–48 hours) for added protection

These changes would significantly enhance the platform’s security and align it with best practices for user account management.
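
The email-change flow from item 2, as an added example that is not part of the original post or the platform's own code. The function names, the in-memory `outbox` standing in for a mail sender, and the 24-hour hold are assumptions:

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Optional

HOLD_SECONDS = 24 * 3600  # assumed hold; the post suggests 24-48 hours

@dataclass
class PendingChange:
    new_email: str
    token_hash: str       # only a hash of the verification token is stored
    requested_at: float
    verified: bool = False

@dataclass
class Account:
    email: str
    pending: Optional[PendingChange] = None
    outbox: list = field(default_factory=list)  # (recipient, kind, detail)

def _digest(token: str) -> str:
    return hashlib.sha256(token.encode()).hexdigest()

def request_change(acct: Account, new_email: str, now: float) -> None:
    token = secrets.token_urlsafe(32)
    acct.pending = PendingChange(new_email, _digest(token), now)
    acct.outbox.append((new_email, "verify", token))                 # prove control of new address
    acct.outbox.append((acct.email, "change-requested", new_email))  # alert the old address

def verify(acct: Account, token: str) -> bool:
    p = acct.pending
    if p is None or not hmac.compare_digest(p.token_hash, _digest(token)):
        return False
    p.verified = True
    return True

def cancel(acct: Account) -> None:
    acct.pending = None  # the current owner rejects the change during the hold

def apply_if_due(acct: Account, now: float) -> bool:
    p = acct.pending
    if p is None or not p.verified or now - p.requested_at < HOLD_SECONDS:
        return False  # the login email stays unchanged
    old = acct.email
    acct.email, acct.pending = p.new_email, None
    acct.outbox.append((old, "change-applied", acct.email))
    return True
```

The login email is only swapped in `apply_if_due`, so an unverified or cancelled request never alters the account.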