Max Password Length
# social
j
Some of you might have seen me tweet this. My pension system at work. I receive an email to set up an account. I generate a 41 character password, enter it in, accepted, when I try to log in, I get username password invalid. Several resets, they didn't work. So I reset password with a shorter one, 20 characters long. It worked. I suspect the devs trim the password into the database, so the INSERT works. But they do not bother to validate at the client/server side. And tell you
s
Seen this recently, hopefully more of an issue with validation on the front-end rather than storing the passwords in clear text 😅
OWASP/NIST recommendation is at least 64 chars