Add PepperPasswordEncoder

[KoreaNirsa]

This PR adds PepperPasswordEncoder, a PasswordEncoder decorator that appends a server-side pepper to the raw password before delegating to another PasswordEncoder.

The goal is to let applications add a pepper without replacing, subclassing, or manually wrapping their existing password encoder configuration.

Unlike a per-password salt, the pepper is not stored with the encoded password. It must be stored separately from the password database, for example in an environment variable or secret manager.

The delegate remains responsible for:

• password hashing
• per-password salt generation
• encoded password storage format
• upgradeEncoding decisions

For example:

PasswordEncoder delegate = PasswordEncoderFactories.createDelegatingPasswordEncoder();
PasswordEncoder encoder = new PepperPasswordEncoder(delegate, pepper);

The delegated input is equivalent to:

delegate.encode(rawPassword + pepper);
delegate.matches(rawPassword + pepper, encodedPassword);

This PR also adds unit tests and password storage documentation for PepperPasswordEncoder.

Related #18299.

Design Note

This PR currently appends the pepper to the raw password before delegating:

delegate.encode(rawPassword + pepper);
delegate.matches(rawPassword + pepper, encodedPassword);

I also considered an HMAC-SHA256-based approach, where the pepper is used as the HMAC key before delegating to the configured PasswordEncoder. That could avoid delegate input-length limits, such as BCrypt's 72-byte limit.

I kept this implementation as a simple decorator so that the delegate's behavior remains as close as possible to existing PasswordEncoder behavior, with only the pepper added. I am happy to adjust this if the team prefers the HMAC-based design.