The password requirements should be clearly stated. Also if you enter a password that cannot actually be applied it should let you know, not just blindly apply it with invalid characters removed (or whatever happened to my password after I submitted it).
Currently there are two locations to change your password:
Forum: Indicates 6-30 characters
"Edit Profile" (on main site): Indicates nothing
I wanted to update my password and foolishly broke out KeePass and generated a 20 character password (that happened to include some special characters). After having to reset my password 3 times I realized that there are no errors on invalid characters nor information about what characters are even allowed.