Only first eight characters of passwords validated
CQ verifies only the first eight characters only of your password, and ignores the rest.
Use another encryption for your passwords (for example, sha1, md5) in your user template csd file. By default, you have:
<atom label="Password" driver="default" indexinghint="ignore" encorder="UNIXCRYPT" />
After the change:
<atom label="Password" driver="default" indexinghing="ignore" encoder="MD5" />
Reset the passwords of all the users that use this template. Otherwise, after a user dialog changes, users can't log in to the system.
The encryption used for CQ user password is UNIX crypt, which has a limit of eight characters.