Add password rules for carte-mobilite-inclusion.fr

[mlaunois]

Overall Checklist

• I agree to the project's Developer Certificate of Origin
• The top-level JSON objects are sorted alphabetically
• There are no open pull requests for the same update

for password-rules.json

• The given rule isn't particularly standard and obvious for password managers
• Generated passwords have been tested from this rule using the Password Rules Validation Tool
• Information has been included about the website's requirements (eg. screenshots, error messages, steps during experimentation, etc.)
• The PR isn't documenting something that would be a common practice among password managers (e.g. minimal length of 6)

This pull request adds password rules for carte-mobilite-inclusion.fr.

---

Despite officially allowing passwords with at least 12 characters and a lowercase letter, an uppercase letter and a digit, the carte-mobilite-inclusion.fr website does not allow symbols (such as hyphens) in account passwords:

(the "Forgot Password" page is used here because an account cannot be created directly on the website)

After further examination of their JavaScript source code, they seem to use the following regex to validate passwords:

/^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])[A-Za-z0-9]{12,}$/

The website will also silently fail to update the password if it is longer than 30 characters:

• With a 31-character password, an HTTP 406 error occurs: (the token used to authenticate the request has been redacted)
• The password change request succeeds if the password has only 30 characters: