So, before October, they were lousy at tracking downtime issues for 2 years (no downtime from 2016 to 2018), but in November, Microsoft came and gave them the technology to correctly track downtime, and they had their first downtime logged in November.
I would include there ANY website that imposes a maximum limit on the password length ... And it's not like a reasonable 255 chars or something. I've seen limitations to 8 characters! Why would you do that ?
Is this your argument?