feat(auth): add manual password input when password not configured

[lucaszhongsj]

Summary

• When password is empty or whitespace-only in config, prompt user to input password manually via terminal
• 120 seconds timeout for manual input
• Adds error message checking after password submission
• Follows the same pattern as existing TOTP manual input flow

Changes

• src/browser/auth/methods/EmailLogin.ts: Add manual password input support with promptInput utility

Test plan

1. Configure an account without password
2. Run login flow, observe log: No password provided, awaiting manual input
3. Enter password in terminal, verify successful login
4. Test timeout scenario (no input for 120s)

[TheNetsky]

Why not just add the password to the accounts file? In what scenario do you want to not add one to the accounts.json and only want to do manual input?

[lucaszhongsj]

Why not just add the password to the accounts file? In what scenario do you want to not add one to the accounts.json and only want to do manual input?

It's mostly about flexibility. Right now, if a password is missing in accounts.json, the login just fails.

A couple of scenarios where this helps:

• Store password in config for automation
• Some people don't want passwords sitting in plaintext files, even with .gitignore.

Up to the user.

[mgrimace]

Wouldn't it be simpler to use Passwordless login? MS already has a flow for users if you don't want to store or expose a plaintext password.
Alternatively, docker version has support for .env files to avoid plaintext secrets.