I am sure you are quite correct - any limitation (within reasonable bounds for a web page control) is a strong indication that a web site is not hashing you password. At best they are encrypting it - and that is bad bad bad.
The only justification i've ever heard is that it's an attempt to prevent DOS attacks by forcing a site to try to hash multiple insanely long passwords.
I don't know if that's even valid though, it doesn't sound plausible to me.
It's plausible enough that Django released 1.5.4 to limit password length. Yes, they later 1.5.5 which removed the limit, but it still showed that it was a possible problem in some implementations.
I don't know if that's even valid though, it doesn't sound plausible to me.