Bugfix for password length.

This is concealed so far because the character after the password is
always a NUL.  Soon it won't always be.