feat(security): require PIN on launch and for tracking toggle

    When Admin Mode is enabled and a PIN is set, gate the main UI behind a PIN prompt and also require PIN to start/stop tracking from the main switch.