[feature]: improve --password flag description with security guidance in login command #854

@gcharpe1604

Problem

The --password / -p flag in the harbor login command has a minimal description (Password) that gives users no indication of the security risk. Passing passwords via -p stores them in plain text in shell history (e.g., ~/.bash_history, ~/.zsh_history), which is a well-known security anti-pattern. Users are not guided toward the safer --password-stdin alternative.
Current output of harbor login --help:

-p, --password string Password

Proposed Solution

Update the --password flag description to warn users about the shell history risk and recommend --password-stdin:

-p, --password string Password (not recommended, use --password-stdin for better security)

This is a one-line documentation improvement with zero behavior change, following the same convention used by docker login.

Alternatives Considered

  • Adding a runtime log.Warn() when -p is used — more intrusive, changes actual behavior
  • Deprecating -p entirely — too breaking for existing users and scripts
  • The flag description update is the least invasive and most widely adopted approach

Additional Context

This follows the convention of docker login, which shows:

WARNING! Using --password via the CLI is insecure. Use --password-stdin.

Files affected

  • cmd/harbor/root/login.go
  • doc/cli-docs/harbor-login.md
  • doc/man-docs/man1/harbor-login.1
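
The shell history exposure this issue describes can be audited directly. The script below is an added example, not part of the issue or of the harbor-cli code base: a heuristic scan of a history file for harbor login commands that passed -p / --password inline, reporting each with the value redacted. The history lines and the host registry.example.test are constructed sample input.

```shell
#!/bin/sh
# Added example (not harbor-cli code): report `harbor login` commands in a
# shell history file that carried the password inline via -p / --password.
# Output is FILE:LINE: COMMAND, cut at the flag so the secret is never printed.
scan_history() {
    awk -v file="$1" '
    {
        line = $0
        sub(/^: [0-9]+:[0-9]+;/, "", line)    # strip zsh extended-history prefix
        n = split(line, tok, /[ \t]+/)
        j = 0; hit = 0
        for (i = 1; i < n; i++)
            if (tok[i] == "harbor" && tok[i + 1] == "login") { j = i + 1; break }
        if (j == 0) next
        out = "harbor login"
        for (i = j + 1; i <= n; i++) {
            # stop at a shell operator: later tokens belong to another command
            if (tok[i] == "|" || tok[i] == ";" || tok[i] == "&&" || tok[i] == "||") break
            if (tok[i] == "-p" || tok[i] == "--password") {
                out = out " " tok[i] " <redacted>"; hit = 1; break
            }
            if (index(tok[i], "--password=") == 1) {
                out = out " --password=<redacted>"; hit = 1; break
            }
            out = out " " tok[i]     # --password-stdin falls through here, unflagged
        }
        if (hit) print file ":" NR ": " out
    }' "$1"
}

# Constructed sample history (bash and zsh formats); not real credentials.
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
harbor login registry.example.test -p Constructed-Pw-1
: 1700000000:0;harbor login registry.example.test --password="two words"
cat pw.txt | harbor login registry.example.test --password-stdin && mkdir -p out
mkdir -p build
EOF
scan_history "$SAMPLE"
rm -f "$SAMPLE"
```

Any line the scan reports means the password is sitting in that history file in plain text; rotating the credential and removing the entry are the follow-up actions.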
