Then it seems that many sites don't....
I always begin with a 40 character password and frequently need to shorten it in order to create accounts...
Discussion
40 might too much TBH. If it's completely random letters it's already more than 128 bits of entropy - more than what Bitcoin itself uses and considered unbreakable.
However if it's words or such it may be appropriate.