Add hooks to change password endpoint

Just like we've done with other endpoints. There are many potential use cases:

* If someone keeps getting their password wrong, we may want to log it
* When someone's password is successfully changed, we might want to send an email to that user
* We might want to do some custom validation on the password