
security: make the bcrypt cost configurable #12699

Open
cockroach-teamcity opened this issue Jan 10, 2022 · 0 comments

Comments


cockroach-teamcity commented Jan 10, 2022

Exalate commented:

cockroachdb/cockroach#74582 --- Release note (security update): For context, when configuring passwords for SQL users, if the client presents the password in cleartext via ALTER/CREATE USER/ROLE WITH PASSWORD, CockroachDB is responsible for hashing this password before storing it. By default, this hashing uses CockroachDB's bespoke crdb-bcrypt algorithm, itself based off the standard Bcrypt algorithm. The cost of this hashing function is now configurable via the new cluster setting server.user_login.password_hashes.default_cost.crdb_bcrypt. Its default value is 10, which corresponds to an approximate password check latency of 50-100ms on modern hardware. This value should be increased over time to reflect improvements to CPU performance: the latency should not become so small that it becomes feasible to brute-force passwords via repeated login attempts. Future versions of CockroachDB will likely update the default accordingly.

Jira Issue: DOC-2278
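Picking a value for this setting is a calibration exercise: the note above says cost 10 gives roughly 50-100 ms today and that the cost should rise as CPUs get faster, and each +1 in bcrypt cost doubles the work. The script below is an added example, not CockroachDB code: it measures hash latency per cost, selects the smallest cost that meets a latency floor, and emits the SET CLUSTER SETTING statement. Since bcrypt is not in Python's standard library, a PBKDF2 stand-in whose iteration count doubles per cost step drives the timing loop (with a bcrypt library you would pass its hashing call instead); the 75 ms floor, the sample password and the helper names are assumptions.

```python
import hashlib
import os
import time

# Cluster setting named in the release note above; bcrypt accepts costs 4..31.
SETTING = "server.user_login.password_hashes.default_cost.crdb_bcrypt"
MIN_COST, MAX_COST = 4, 31


def pbkdf2_stand_in(cost):
    """Stand-in for bcrypt (not in the stdlib): 2**cost PBKDF2 iterations,
    so each +1 in cost doubles the work, as bcrypt's cost parameter does."""
    hashlib.pbkdf2_hmac("sha256", b"constructed-password", os.urandom(16), 2 ** cost)


def measure_ms(hash_at_cost, cost, samples=3):
    """Median wall-clock milliseconds for one hash at `cost`."""
    times = []
    for _ in range(samples):
        t0 = time.perf_counter()
        hash_at_cost(cost)
        times.append((time.perf_counter() - t0) * 1000.0)
    return sorted(times)[len(times) // 2]


def choose_cost(latency_ms, target_ms, start=10):
    """Smallest cost >= start whose latency (per latency_ms(cost), in ms) reaches
    target_ms. Latency doubles per step, so the first hit is the answer."""
    for cost in range(max(start, MIN_COST), MAX_COST + 1):
        if latency_ms(cost) >= target_ms:
            return cost
    return MAX_COST


def predict_ms(measured_ms, measured_cost, new_cost):
    """Latency at new_cost extrapolated from one measurement (2x per step)."""
    return measured_ms * 2.0 ** (new_cost - measured_cost)


def set_cost_sql(cost):
    """SQL an operator would run; refuses values bcrypt cannot accept."""
    if not MIN_COST <= cost <= MAX_COST:
        raise ValueError(f"bcrypt cost must be in {MIN_COST}..{MAX_COST}, got {cost}")
    return f"SET CLUSTER SETTING {SETTING} = {cost};"


if __name__ == "__main__":
    # Assumed floor: the middle of the 50-100 ms range the release note quotes.
    cost = choose_cost(lambda c: measure_ms(pbkdf2_stand_in, c), target_ms=75.0)
    print(f"cost {cost}: ~{measure_ms(pbkdf2_stand_in, cost):.0f} ms -> {set_cost_sql(cost)}")
```

Re-run the calibration on the actual server hardware, since the cost that meets the floor on a laptop will be too low on a faster machine.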
