Add password recovery feature

Ask for a security question when user first uses the app. Allow use of that security question to recover a lost password value.

To do this probably means storing the current password in a _different_ encrypted file, where that file is encrypted based on the answer to the security question.