Status: Open
Labels: security (Security related)
Problem
The `SessionActor` stores the RDP password in memory as an `Option<String>` for the duration of the session. After CredSSP authentication completes, the password is no longer needed, but it stays in memory until the actor is dropped.
If the process memory is dumped (crash report, debugging, memory-scanning malware), the plaintext password is exposed.
Fix
Use the `zeroize` crate to securely clear the password from memory after authentication:
```rust
use zeroize::Zeroize;

// After CredSSP completes successfully: overwrite the String's bytes in place,
// then drop it so no copy of the plaintext remains in the actor.
if let Some(ref mut pw) = self.password {
    pw.zeroize();
}
self.password = None;
```
Or use `zeroize::Zeroizing` as the type:
```rust
password: Option<Zeroizing<String>>,
```
This ensures the password is zeroed when dropped, even if we forget to clear it explicitly.
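The pattern above, as an added example that is not the project's code: a hypothetical `SessionActor` with a `Secret` type standing in for `Zeroizing<String>`, built on the standard library only so it runs without the `zeroize` crate (the volatile-write-plus-fence wipe is the same technique the crate uses). The CredSSP step is a constructed comparison, not the real protocol.

```rust
use std::ptr;
use std::sync::atomic::{compiler_fence, Ordering};

/// Stand-in for `zeroize::Zeroizing<String>` (hypothetical, not the project's code):
/// owns the secret bytes and wipes them on drop.
pub struct Secret(Vec<u8>);

impl Secret {
    pub fn new(s: &str) -> Self { Secret(s.as_bytes().to_vec()) }
    pub fn expose(&self) -> &[u8] { &self.0 }
    /// Explicit wipe, like `Zeroize::zeroize`: volatile writes so the optimizer cannot
    /// discard them as dead stores, then a fence so nothing is reordered past the wipe.
    /// Length is kept so the zeros are observable; the real crate also truncates the Vec.
    pub fn wipe(&mut self) {
        for b in self.0.iter_mut() {
            // SAFETY: `b` is a valid, exclusively borrowed byte inside the Vec.
            unsafe { ptr::write_volatile(b as *mut u8, 0) };
        }
        compiler_fence(Ordering::SeqCst);
    }
}

impl Drop for Secret {
    // The guarantee the issue wants: zeroed even if nobody called wipe().
    fn drop(&mut self) { self.wipe(); }
}

/// Hypothetical stand-in for the issue's `SessionActor`.
pub struct SessionActor {
    pub password: Option<Secret>,
    pub authenticated: bool,
}

impl SessionActor {
    pub fn new(password: &str) -> Self {
        SessionActor { password: Some(Secret::new(password)), authenticated: false }
    }
    /// CredSSP stand-in (a constructed comparison, not the real protocol). The
    /// password is moved out with `take()` and dropped when this function returns,
    /// so it is wiped whether or not authentication succeeds.
    pub fn credssp_authenticate(&mut self, expected: &str) -> bool {
        let pw = match self.password.take() {
            Some(pw) => pw,
            None => return false, // already consumed: no credential left to use
        };
        self.authenticated = pw.expose() == expected.as_bytes();
        self.authenticated
    }
}
```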
Files to modify
- `src-tauri/Cargo.toml` — add `zeroize = "1"`
- `src-tauri/src/rdp/session.rs` — change password type + zeroize after auth
- `src-tauri/src/rdp/client.rs` — accept `Zeroizing<String>`
Priority: P2 — security hardening