security: rotate login password

vars/default.nix

@@ -4,9 +4,12 @@
   userfullname = "Ryan Yin";
   useremail = "xiaoyin_c@qq.com";
   networking = import ./networking.nix { inherit lib; };
-  # generated by `mkpasswd -m scrypt --rounds=11`
+  # Generated using: mkpasswd -m yescrypt --rounds=11
+  # Password: long, strong random string (full charset)
+  # Rotation policy: changed annually
+  # Purpose: system login password only
   # https://man.archlinux.org/man/crypt.5.en
-  initialHashedPassword = "$7$CU..../....KDvTIXqLTXpmCaoUy2yC9.$145eM358b7Q0sRXgEBvxctd5EAuEEdao57LmZjc05D.";
+  initialHashedPassword = "$y$jFT$RBapCH3F6bc0uSF.FaUGB.$rvhiVvcCKxkkumDFLONV5zFP1lsv1VyZ1ErH.r2rNk3";
   # Public Keys that can be used to login to all my PCs, Macbooks, and servers.
   #
   # Since its authority is so large, we must strengthen its security: