Add-ons Password Tools 3.13.1

• Require standardLib v1.20.0+
• Restore XF2.1 support, note front-end Zxcvbn requires XF2.2+
• Support XF2.3+
• php 8.4+ compatibility

• Add "Force password reset on compromised password" option
  • This option is likely overkill for most sites, and is not generally recommended

• Fix changing user entity while a write is pending in some cases
• Add "Use rejected password fragments in password meter" option (default disabled).
  Take rejected password fragments into consideration when showing the password strength meter to the user.
  Security note: this makes the full list of rejected password fragments visible to end users; ensure that there aren't any sensitive password fragments before enabling.