Re: 20 char limit?
It amazes me the number of sites that make no mention of what their rules on password length and allowed character types actually are, leaving you to guess. The 'better' version at least tells you its too long or only alpha numerics are allowed, far too many allow it, then lock you out.
The variety MS uses on Onedrive suggests using letter and numbers up to 16 chars, then calls your randomised password crap whatever it is. But it does actually allow symbols (I suppose it might strip them) but still won't rate your password any better if it has them.
Smaller sites seem to be much better at laying out their policy explicitly, but only a fraction of large ones get it right. Not exactly taxing to get someone to spend an hour writing it out, is it?