Maximum password length is bad
As mentioned previously I’ve started migrating my online accounts to use pwdhash Yesterday was the turn of ticketmaster. Well, it turns out their maximum password length is 12 characters. My key (let alone hashed password) is greater than 12 characters so I’ve had to leave it as it was, negating the security and convenience of using pwdhash. There is absolutely no reason ever (at least not that I can think of ;-)) to impose this limit on a password.