The worst that can happen when you mess with form field lengths: no validation on entry to the database, but validation later when pulling it out to check it, so you're now locked out of your account.
Interesting, I didn't know that. So the worst that could happen is that I'd be locked out of their horribly insecure site and forced to use something better. I don't re-use passwords, and I declined to let them store my credit card details, so when they get hax0red, I won't lose anything worth stealing.
