Microsoft have over five different places you can change a password (all of which conform to the same set of business rules). That's the issue, it isn't a pipeline issue, it is that Microsoft consolidated tons of different services under a Microsoft Account so have a ton of redundant ways of doing something.
Microsoft Accounts/.Net Account/Passports, are a huge mess in general that Microsoft need to fix. Password length restrictions still may not go away even if they did (for backwards compatibility reasons with older software/hardware still around).
Oh don't get me started about this mess. I use Skype for the browser rather than any of the installable clients. There are days when it's simply not possible to login when you're redirected around that whole MS "live login" thing.
Every other time I've logged into to a MS site (say my dev account for VS Community) some other login for something else run by MS breaks...then I have to go hunting down cookies to delete. I've wasted tens of hours of my life over the past few years on this crap.
Microsoft Accounts/.Net Account/Passports, are a huge mess in general that Microsoft need to fix. Password length restrictions still may not go away even if they did (for backwards compatibility reasons with older software/hardware still around).