@jerry LinkedIn: "Limit the password to 16 characters. Don't tell anyone, just truncate their input when they register the password.
Also don't truncate their password input when they try to log in, so it fails if they enter the same password as when they registered."