[hawkharris]

I agree. It is frustrating when websites place arbitrary limits on characters in a passphrase. It's even more frustrating when they add specific rules (e.g. must use at least one number) that actually lower the number of possible combos in the string.

[tombrossman]

The worst annoyance for me is when they accept my 32+ character password - which I generate and paste from a password manager - and then they silently truncate it to a shorter length! No error, nothing. I remember hearing about some services that did this but the longer passwords still worked, which gave users a false sense of security.

What I run into more frequently is that I have to click the 'Forgot password' link and reset it. Then I cross my fingers and wait to see if they email it back in plain text (this is unforgivable) so I can count the characters and learn what the max length is that way.