Translations:Manual:$wgMaximalPasswordLength/5/en

It is not recommended to make this greater than the default, as it can allow DoS attacks by users setting really long passwords.