Bug Report: missing maxlength="32" constraint on password fields on webpage Acount -> Settings -> Account Password

Currently this effectively locks out the user after having set a password with more than 32 characters followed by a log out;
the only way to log in again (without cheating) is to request a password reset.