Not sure how that suggests that at all. User inputs have some sort of cap (don't want someone using a 2GB string as their password). So naturally there's a conversation at some point about "what's our maximum password size".
If that conversation starts off at 1000 characters you're fine, but more often then not it looks more like:
"Make the requirement 8-12 characters"
"12 is too short"
"fine make it longer, like"
"Ok" [18 char implementation]
"Hey, Bob in accounting says he uses 20 char passwords"
Give me an iPhone though and I'd go insane. "would need a complete customization, redesign and rewrite" perfectly describes the iOS experience for me.