There's really no technical reason to limit it to 16 characters -- a hash is the same length, no matter the size of the password (and I hope they're salting/hashing when storing the password...). If someone wants to protect their account with a 30 character passphrase, they should be able to do so.
History lesson: Microsoft used to limit passwords to 14 characters -- because internally they were storing it as two seven character hashes. Not good because a 7 character password is easy to crack.