549
NIST proposes barring some of the most nonsensical password rules
(arstechnica.com)
This is a most excellent place for technology news and articles.
I've run into similar: on the account creation page there was no character limit on the input box nor stated in the password requirements, but on the login page the password input box was limited to 14 characters. So you could successfully create an account with a long password, you just couldn't log in because it wouldn't let you enter the whole password.