Enhance authorization security for new and existing user accounts

[michealengland]

At the moment authorization is very basic. This will require some research around the following:

Some general questions to think about

1. How can authorization and be easier, is email / password the best way moving forward?
2. What happens if too many failed attempts occur
3. How should new users be approved / created? Especially while this app is in demo mode.