The limitation of 8 characters is an Apache limitation with the basic authentication mechanism that eHealth uses.
It actually had a limitation of 9 characters in the web UI, but this was a bug. It really only should have been 8.
When the user administration was moved to OneClick, the UI allowed up to 50 characters. This was a bug.
Anything you type past 8 characters is ignored by Apache (at least on UNIX).
The OneClick UI was fixed to put back the limitation of 8. It was a bug to allow users to put more than 8 characters to begin with.
On Windows, if one had taken advantage of the UI bug and set the password to more than 8 characters, it did work and will continue to do
so. But now that we have fixed that bug, when an attempt is made to change the password, the UI will only allow up to 8 characters for the new
password.