What would you suggest to be a suitable password max length then?
Your server's max payload upload size limit? Which may be brought down a bit for the authentication routes?
Then divide it by three for password change pages. And then test that it works through every single piece of infra between the edge and your servers. And sure, then you can do that. But is that really adding that much actual security over 256 character passwords?
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.