Make the password length limit actually 100.
As it stands, the password length limit is 99 instead of 100 because in signup.js, it checked if the password is less than 100, as opposed to less than or equal to 100. This leads to a misleading error message stating that passwords must be between 8 and 100 characters.