Better than idiotic websites that enforce their character length limit on the client, but not on all pages on the client. So you can change your password to 123456789, but the login page will truncate it to 12345678
Strange. I tried just this morning before posting but I will update my password and try again.
edit: after updating my password it's now case sensitive, and allows special chars. As the sibling comment suggests, it looks like they have two different authentication routes and updating your password moves you onto the newer one.
I tried it with a new password today. The requirements were between 8 an 32 characters and some special characters allowed.
I just tried with all lower case letters and it rejected it. Prior to changing my password however, I experienced everything you described. They must have 2 systems and setting a new password must switch you to the new system. Can't fathom why they don't just mandate everyone changing their passwords.
I didn't know they changed their policy, so thanks :). Their old policy stripped out capital letters too which made it even less secure. Sadly it still doesn't allow all special characters, but it's a start.
If my password is "aBc123De" I can log in by entering the password "ABC123DEFOOBARBAZ".