Create a random password after TiDB installation

[DanielZhangQD]

Feature Request

Is your feature request related to a problem? Please describe:

Currently, TiDB will create a root user with no password by default. This is a potential security issue.
So we have to create a random password after TiDB is installed.
We can add a field in the spec to control whether to create a random password after installation, if yes, we can save the password in a secret and request the user to access the TiDB with that password and then change the password.
TiDB will force the user to change the password after the first login in future releases.
Describe the feature you'd like:

Describe alternatives you've considered:

Teachability, Documentation, Adoption, Migration Strategy:

[yiduoyunQ]

why we need implement save the password in a secret logic in operator side, not tidb side itself (by default)?

[DanielZhangQD]

why we need implement save the password in a secret logic in operator side, not tidb side itself (by default)?

@yiduoyunQ The password is created by TiDB Operator, it's reasonable to be saved by TiDB Operator too, where do you suggest saving the password?

[yiduoyunQ]

@DanielZhangQD seems TiUP is also responsible for creating random password after TiDB installation with --init argument #1700 , then it is meaningful to implement the same logic in TiDB Operator.