
It's a learning curve for us. That's why this kind of feedback is important.


As another person stated, on another question, you didn't really answer why the 16 character limit was imposed in the first place. Is it due to some plugin? You don't think people will remember long passwords?


It's because the password field in their database has a length of 16.


Let's hope they store a (salted) hash of the password, not the password itself.


> It's a learning curve for us. That's why this kind of feedback is important.

Then I would suggest you look out for the opposite problem, denial of service via long passwords (assuming that you correctly use a slow key derivation function).

e.g. Django now accepts passwords with at most 4096 bytes because attackers used gigantic passwords that took a long time to hash.
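The two points raised in this thread (store a salted hash rather than the password, and cap input length before a slow key derivation function runs) can be combined as in the sketch below. It is an added example, not code from any commenter or from Django; the record format, iteration count and function names are assumptions, and the 4096-byte cap is the figure quoted above.

```python
import hashlib
import hmac
import os

MAX_PASSWORD_BYTES = 4096  # cap quoted in the thread above
ITERATIONS = 600_000       # assumed work factor, tune for your hardware
SALT_BYTES = 16


class PasswordTooLong(ValueError):
    """Raised before any hashing work is done."""


def _encode(password: str) -> bytes:
    raw = password.encode("utf-8")
    # Reject oversized input *before* the KDF so a request cannot
    # buy hashing time proportional to its body size.
    if len(raw) > MAX_PASSWORD_BYTES:
        raise PasswordTooLong(f"password exceeds {MAX_PASSWORD_BYTES} bytes")
    return raw


def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    raw = _encode(password)
    salt = os.urandom(SALT_BYTES)  # unique per password
    digest = hashlib.pbkdf2_hmac("sha256", raw, salt, iterations)
    # The record has a fixed width whatever the password length, so the
    # database column never needs to limit what the user may type.
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    try:
        raw = _encode(password)
        algo, iters, salt_hex, digest_hex = stored.split("$")
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(digest_hex)
        rounds = int(iters)
    except ValueError:  # too long, or malformed record
        return False
    if algo != "pbkdf2_sha256":
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", raw, salt, rounds)
    return hmac.compare_digest(candidate, expected)  # constant-time compare
```
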



