Hash stored passcode rather than encrypt for improved security

[tonyr59h]

Reported via HackerOne. (<--Team only link)

Since BuildConfig.PASSWORD_ENC_SECRET and BuildConfig.PASSWORD_SALT are hard-coded it wouldn't take much effort to reverse engineer the stored PIN while a hashed PIN would have to be brute-forced.

Note: Update README

[tonyr59h]

After some discussion with @daniloercoli we decided to simply store the hashed passcode. This involves removing the hard-coded encryption keys (PASSWORD_ENC_SECRET and PASSWORD_SALT) and using String.hashCode() to store and verify PIN numbers.

What this means from a security standpoint is that reverse-engineering the PIN will be more difficult than brute-forcing the PIN.