I just registered an account and had to choose a password with a max of 20 characters.
Who considers this limitation a good idea, 6 years past Snowden?
To formulate an idea and not just rant: Please get rid of the password limitation, you should hash it, so the length in your database is constant.
P.S.: Still searching for a proper bug tracker.