What does this PR do?
Add a rate limit to all endpoints that check passwords.
All of these endpoints require the caller to already be logged in, so it's not really much of a security problem, but it's still safer to limit any endpoints that can be used to guess the current password
Contribution Guidelines By submitting this merge request, you agree to follow our Contribution Guidelines