feat(security): add admin mode pin + device admin" \

  -m "Adds Admin Mode secured by a PIN (PBKDF2 hash) and optional Device Admin receiver to make uninstall harder.

- Protect Settings behind PIN when Admin Mode is enabled
- Protect Clear Track behind PIN
- Add security preferences + strings + device_admin.xml and receiver