ASVS v4.0.2-2.1.2 requires doing this as a "best practice" - https://github.com/OWASP/ASVS/blob/v4.0.2/4.0/en/0x11-V2-Authentication.md#v21-password-security-requirements
Verify that passwords 64 characters or longer are permitted but may be no longer than 128 characters
MW sets a limit of 4096