Why do some websites have password limits? I want to have unlimited characters for my password.

Maybe because it takes a lot of resources to encrypt very long passwords?

@Bobj2008 it's arbitrary. 10 characters is too free though.
Suppose you make a hard method to hash passwords that takes 1 second per average 8 character password on your hardware. If 100 people decide to authenticate at the same time with 80 character passwords, the server will have 1000 effective seconds of work to do, instead of just 100.

Or maybe I'm wrong and they're just stupid and irresponsible

Because 98% of the engineers whould pick pi as their password. Not so safe after all!

3 trillion characters and a server crash later...

@AndSoWeCode Fortunately, there are Nginx server that are optimized to handle numerous requests at the same time.

@F9lke it's not about nginx. It's not like nginx makes 100 computers pop up right away to start computing hashes.

@AndSoWeCode I am not saying that Nginx is the solution for the problem, but that it is optimized for that purpose.

@F9lke and I'm saying that nginx has nothing to do with this. nginx is just the program handling the http/https bullshit. Nothing to do with passwords.