From a7d5b6a4774c92736c89e8d6122b13c75c8d17c8 Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Sun, 3 Nov 2019 22:54:23 +0100
Subject: Linux/MacOSX: Add switch to force the use of legacy maximum password
 length (64 UTF8 bytes)

The switch is --legacy-password-maxlength
---
 Translations/Language.ar.xml           |  1 +
 Translations/Language.be.xml           |  3 ++-
 Translations/Language.bg.xml           |  3 ++-
 Translations/Language.ca.xml           |  3 ++-
 Translations/Language.cs.xml           |  1 +
 Translations/Language.da.xml           |  3 ++-
 Translations/Language.de.xml           |  1 +
 Translations/Language.el.xml           |  1 +
 Translations/Language.es.xml           |  1 +
 Translations/Language.et.xml           |  3 ++-
 Translations/Language.eu.xml           |  1 +
 Translations/Language.fa.xml           |  3 ++-
 Translations/Language.fi.xml           |  1 +
 Translations/Language.fr.xml           |  1 +
 Translations/Language.hu.xml           |  3 ++-
 Translations/Language.id.xml           |  3 ++-
 Translations/Language.it.xml           |  1 +
 Translations/Language.ja.xml           |  1 +
 Translations/Language.ka.xml           |  3 ++-
 Translations/Language.ko.xml           |  1 +
 Translations/Language.lv.xml           |  3 ++-
 Translations/Language.my.xml           |  1 +
 Translations/Language.nl.xml           |  1 +
 Translations/Language.nn.xml           |  1 +
 Translations/Language.pl.xml           |  1 +
 Translations/Language.pt-br.xml        |  1 +
 Translations/Language.ro.xml           |  1 +
 Translations/Language.ru.xml           |  3 ++-
 Translations/Language.sk.xml           |  3 ++-
 Translations/Language.sl.xml           |  3 ++-
 Translations/Language.sv.xml           |  1 +
 Translations/Language.th.xml           |  1 +
 Translations/Language.tr.xml           |  3 ++-
 Translations/Language.uk.xml           |  1 +
 Translations/Language.uz.xml           |  3 ++-
 Translations/Language.vi.xml           |  3 ++-
 Translations/Language.zh-cn.xml        |  1 +
 Translations/Language.zh-hk.xml        |  1 +
 Translations/Language.zh-tw.xml        |  1 +
 src/Common/Language.xml                |  1 +
 src/Main/CommandLineInterface.cpp      | 26 +++++++++++++++++---------
 src/Main/CommandLineInterface.h        |  5 +++--
 src/Main/Forms/VolumePasswordPanel.cpp | 14 ++++++++------
 src/Main/Forms/WaitDialog.cpp          |  1 +
 src/Main/TextUserInterface.cpp         |  4 ++--
 src/Main/UserInterface.cpp             |  5 ++++-
 src/Volume/VolumePassword.h            |  1 +
 47 files changed, 92 insertions(+), 36 deletions(-)

diff --git a/Translations/Language.ar.xml b/Translations/Language.ar.xml
index 3a67693d..c6dc5dc5 100644
--- a/Translations/Language.ar.xml
+++ b/Translations/Language.ar.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="ar" key="IDT_BENCHMARK">مقايسة الأداء:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="ar" key="LEGACY_PASSWORD_UTF8_TOO_LONG">كلمة السر المدخلة طويلة: تمثيلها بصيغة UTF-8 يزيد عن 128 بايت.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
diff --git a/Translations/Language.be.xml b/Translations/Language.be.xml
index 24d6229a..3ac70420 100644
--- a/Translations/Language.be.xml
+++ b/Translations/Language.be.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="be" key="IDT_BENCHMARK">Тэст хуткасці:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="en" key="LEGACY_PASSWORD_UTF8_TOO_LONG">The entered password is too long: its UTF-8 representation exceeds 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
@@ -1480,4 +1481,4 @@
       </xs:complexType>
     </xs:element>
   </xs:schema>
-</VeraCrypt>
\ No newline at end of file
+</VeraCrypt>
diff --git a/Translations/Language.bg.xml b/Translations/Language.bg.xml
index fd4d8926..7c591c63 100644
--- a/Translations/Language.bg.xml
+++ b/Translations/Language.bg.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="bg" key="IDT_BENCHMARK">Тест:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="en" key="LEGACY_PASSWORD_UTF8_TOO_LONG">The entered password is too long: its UTF-8 representation exceeds 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
@@ -1480,4 +1481,4 @@
       </xs:complexType>
     </xs:element>
   </xs:schema>
-</VeraCrypt>
\ No newline at end of file
+</VeraCrypt>
diff --git a/Translations/Language.ca.xml b/Translations/Language.ca.xml
index d814b08c..d2a1daf1 100644
--- a/Translations/Language.ca.xml
+++ b/Translations/Language.ca.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="ca" key="IDT_BENCHMARK">Prova de rendiment:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="en" key="LEGACY_PASSWORD_UTF8_TOO_LONG">The entered password is too long: its UTF-8 representation exceeds 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
@@ -1480,4 +1481,4 @@
       </xs:complexType>
     </xs:element>
   </xs:schema>
-</VeraCrypt>
\ No newline at end of file
+</VeraCrypt>
diff --git a/Translations/Language.cs.xml b/Translations/Language.cs.xml
index 4dc2463a..916dd77d 100644
--- a/Translations/Language.cs.xml
+++ b/Translations/Language.cs.xml
@@ -1437,6 +1437,7 @@
     <entry lang="cs" key="IDC_ENABLE_RAM_ENCRYPTION">Aktivovat šifrování klíčů a hesel uložených v paměti RAM</entry>
     <entry lang="cs" key="IDT_BENCHMARK">Test výkonu:</entry>
     <entry lang="cs" key="IDC_DISABLE_MOUNT_MANAGER">Vytvořit virtuální zařízení bez připojení na vybrané písmeno jednotky</entry>
+    <entry lang="cs" key="LEGACY_PASSWORD_UTF8_TOO_LONG">Zadané heslo je moc dlouhé: jeho reprezentace v UTF-8 přesahuje 64 bajtů.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
diff --git a/Translations/Language.da.xml b/Translations/Language.da.xml
index d21d0f3e..58141ce1 100644
--- a/Translations/Language.da.xml
+++ b/Translations/Language.da.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="en" key="IDT_BENCHMARK">Benchmark:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="en" key="LEGACY_PASSWORD_UTF8_TOO_LONG">The entered password is too long: its UTF-8 representation exceeds 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
@@ -1480,4 +1481,4 @@
       </xs:complexType>
     </xs:element>
   </xs:schema>
-</VeraCrypt>
\ No newline at end of file
+</VeraCrypt>
diff --git a/Translations/Language.de.xml b/Translations/Language.de.xml
index 95563cc0..828dc130 100644
--- a/Translations/Language.de.xml
+++ b/Translations/Language.de.xml
@@ -1440,6 +1440,7 @@
     <entry lang="de" key="IDC_ENABLE_RAM_ENCRYPTION">Verschlüsselung der im Arbeitsspeicher gespeicherten Schlüssel und Passwörter aktivieren</entry>
     <entry lang="de" key="IDT_BENCHMARK">Benchmark:</entry>
     <entry lang="de" key="IDC_DISABLE_MOUNT_MANAGER">Nur virtuelles Gerät erstellen ohne Einbinden auf dem ausgewählten Laufwerksbuchstaben</entry>
+    <entry lang="de" key="LEGACY_PASSWORD_UTF8_TOO_LONG">Das eingegebene Passwort ist zu lang: Kodiert mit UTF-8 überschreitet es 64 Byte.</entry>
   </localization>
   <!-- XML-Schema -->
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.el.xml b/Translations/Language.el.xml
index e58e53f3..b048e049 100644
--- a/Translations/Language.el.xml
+++ b/Translations/Language.el.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="en" key="IDT_BENCHMARK">Benchmark:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="en" key="LEGACY_PASSWORD_UTF8_TOO_LONG">The entered password is too long: its UTF-8 representation exceeds 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
diff --git a/Translations/Language.es.xml b/Translations/Language.es.xml
index c958e468..68d16edb 100644
--- a/Translations/Language.es.xml
+++ b/Translations/Language.es.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="es" key="IDT_BENCHMARK">Comparación:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="es" key="LEGACY_PASSWORD_UTF8_TOO_LONG">La contraseña introducida es demasiado larga: su representación en UTF-8 excede de 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
diff --git a/Translations/Language.et.xml b/Translations/Language.et.xml
index 3e152699..2d8d4b64 100644
--- a/Translations/Language.et.xml
+++ b/Translations/Language.et.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="et" key="IDT_BENCHMARK">Jõudlustest:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="en" key="LEGACY_PASSWORD_UTF8_TOO_LONG">The entered password is too long: its UTF-8 representation exceeds 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
@@ -1480,4 +1481,4 @@
       </xs:complexType>
     </xs:element>
   </xs:schema>
-</VeraCrypt>
\ No newline at end of file
+</VeraCrypt>
diff --git a/Translations/Language.eu.xml b/Translations/Language.eu.xml
index e0145243..a3b4099e 100644
--- a/Translations/Language.eu.xml
+++ b/Translations/Language.eu.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="eu" key="IDT_BENCHMARK">Proba-Bankua:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="en" key="LEGACY_PASSWORD_UTF8_TOO_LONG">The entered password is too long: its UTF-8 representation exceeds 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
diff --git a/Translations/Language.fa.xml b/Translations/Language.fa.xml
index 5c51f4c4..e91bf4a0 100644
--- a/Translations/Language.fa.xml
+++ b/Translations/Language.fa.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="en" key="IDT_BENCHMARK">Benchmark:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="en" key="LEGACY_PASSWORD_UTF8_TOO_LONG">The entered password is too long: its UTF-8 representation exceeds 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
@@ -1480,4 +1481,4 @@
       </xs:complexType>
     </xs:element>
   </xs:schema>
-</VeraCrypt>
\ No newline at end of file
+</VeraCrypt>
diff --git a/Translations/Language.fi.xml b/Translations/Language.fi.xml
index 8b15fb03..2a0b8de5 100644
--- a/Translations/Language.fi.xml
+++ b/Translations/Language.fi.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="fi" key="IDT_BENCHMARK">Nopeustesti:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="fi" key="LEGACY_PASSWORD_UTF8_TOO_LONG">Syötetty salasana on liian pitkä: sen UTF-8-esitys ylittää 64 tavua.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
diff --git a/Translations/Language.fr.xml b/Translations/Language.fr.xml
index 7623dc5a..1ff853a8 100644
--- a/Translations/Language.fr.xml
+++ b/Translations/Language.fr.xml
@@ -1437,6 +1437,7 @@
     <entry lang="fr" key="IDC_ENABLE_RAM_ENCRYPTION">Activer le chiffrement des clefs et des mots de passe stockés en RAM</entry>
     <entry lang="fr" key="IDT_BENCHMARK">Banc de test:</entry>
     <entry lang="fr" key="IDC_DISABLE_MOUNT_MANAGER">Créer seulement le périphérique virtuel sans montage à la lettre de lecteur</entry>
+    <entry lang="fr" key="LEGACY_PASSWORD_UTF8_TOO_LONG">Le mot de passe saisi est trop long: sa representation UTF-8 dépasse 64 octets.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
diff --git a/Translations/Language.hu.xml b/Translations/Language.hu.xml
index 3d1e2ba3..dae3c0e8 100644
--- a/Translations/Language.hu.xml
+++ b/Translations/Language.hu.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="hu" key="IDT_BENCHMARK">Sebességteszt:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="hu" key="LEGACY_PASSWORD_UTF8_TOO_LONG">A beütött jelszó túl hosszú. Az UTF-8 kódolása meghaladja a 64 bájtot.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
@@ -1480,4 +1481,4 @@
       </xs:complexType>
     </xs:element>
   </xs:schema>
-</VeraCrypt>
\ No newline at end of file
+</VeraCrypt>
diff --git a/Translations/Language.id.xml b/Translations/Language.id.xml
index 09abd4dc..7a534f33 100644
--- a/Translations/Language.id.xml
+++ b/Translations/Language.id.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="id" key="IDT_BENCHMARK">Penguji:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="en" key="LEGACY_PASSWORD_UTF8_TOO_LONG">The entered password is too long: its UTF-8 representation exceeds 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
@@ -1480,4 +1481,4 @@
       </xs:complexType>
     </xs:element>
   </xs:schema>
-</VeraCrypt>
\ No newline at end of file
+</VeraCrypt>
diff --git a/Translations/Language.it.xml b/Translations/Language.it.xml
index bf3e5b84..d8c2513f 100644
--- a/Translations/Language.it.xml
+++ b/Translations/Language.it.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="it" key="IDT_BENCHMARK">Riferimenti:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="it" key="LEGACY_PASSWORD_UTF8_TOO_LONG">La password inserita è troppo lunga: la sua rappresentazione in UTF-8 supera i 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
diff --git a/Translations/Language.ja.xml b/Translations/Language.ja.xml
index a2444f75..c783ca1e 100644
--- a/Translations/Language.ja.xml
+++ b/Translations/Language.ja.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="ja" key="IDT_BENCHMARK">ベンチマーク:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="en" key="LEGACY_PASSWORD_UTF8_TOO_LONG">The entered password is too long: its UTF-8 representation exceeds 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
diff --git a/Translations/Language.ka.xml b/Translations/Language.ka.xml
index b1ba09cf..3ad84c1c 100644
--- a/Translations/Language.ka.xml
+++ b/Translations/Language.ka.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="ko" key="IDT_BENCHMARK">სიჩქარის ტესტი:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="en" key="LEGACY_PASSWORD_UTF8_TOO_LONG">The entered password is too long: its UTF-8 representation exceeds 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
@@ -1480,4 +1481,4 @@
       </xs:complexType>
     </xs:element>
   </xs:schema>
-</VeraCrypt>
\ No newline at end of file
+</VeraCrypt>
diff --git a/Translations/Language.ko.xml b/Translations/Language.ko.xml
index df30837a..3b3722b7 100644
--- a/Translations/Language.ko.xml
+++ b/Translations/Language.ko.xml
@@ -1437,6 +1437,7 @@
     <entry lang="ko" key="IDC_ENABLE_RAM_ENCRYPTION">RAM에 저장된 키 및 암호의 암호화를 활성화합니다.</entry>
     <entry lang="ko" key="IDT_BENCHMARK">벤치마크:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="ko" key="LEGACY_PASSWORD_UTF8_TOO_LONG">입력한 암호가 너무 깁니다. UTF-8 표시가 64바이트를 초과합니다.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
diff --git a/Translations/Language.lv.xml b/Translations/Language.lv.xml
index 1b0aafff..745ef82e 100644
--- a/Translations/Language.lv.xml
+++ b/Translations/Language.lv.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="lv" key="IDT_BENCHMARK">Etalons:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="en" key="LEGACY_PASSWORD_UTF8_TOO_LONG">The entered password is too long: its UTF-8 representation exceeds 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
@@ -1480,4 +1481,4 @@
       </xs:complexType>
     </xs:element>
   </xs:schema>
-</VeraCrypt>
\ No newline at end of file
+</VeraCrypt>
diff --git a/Translations/Language.my.xml b/Translations/Language.my.xml
index fbe824b5..b6f23c92 100644
--- a/Translations/Language.my.xml
+++ b/Translations/Language.my.xml
@@ -1439,6 +1439,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="en" key="IDT_BENCHMARK">Benchmark:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="en" key="LEGACY_PASSWORD_UTF8_TOO_LONG">The entered password is too long: its UTF-8 representation exceeds 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
diff --git a/Translations/Language.nl.xml b/Translations/Language.nl.xml
index 833fcac2..ca81092d 100644
--- a/Translations/Language.nl.xml
+++ b/Translations/Language.nl.xml
@@ -1438,6 +1438,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="en" key="IDT_BENCHMARK">Benchmark:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="nl" key="LEGACY_PASSWORD_UTF8_TOO_LONG">Het opgegeven wachtwoord is te lang: de UTF-8 weergave is meer dan 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
diff --git a/Translations/Language.nn.xml b/Translations/Language.nn.xml
index 68888d98..5cfd0f9b 100644
--- a/Translations/Language.nn.xml
+++ b/Translations/Language.nn.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="nn" key="IDT_BENCHMARK">Ytingsprøve:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="en" key="LEGACY_PASSWORD_UTF8_TOO_LONG">The entered password is too long: its UTF-8 representation exceeds 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
diff --git a/Translations/Language.pl.xml b/Translations/Language.pl.xml
index 26e3ad58..1f007d0e 100644
--- a/Translations/Language.pl.xml
+++ b/Translations/Language.pl.xml
@@ -1437,6 +1437,7 @@
     <entry lang="pl" key="IDC_ENABLE_RAM_ENCRYPTION">Aktywuj szyfrowanie kluczy i haseł przechowywanych w RAM</entry>
     <entry lang="pl" key="IDT_BENCHMARK">Testowanie:</entry>
     <entry lang="pl" key="IDC_DISABLE_MOUNT_MANAGER">Utwórz tylko urządzenie wirtualne bez montowania na wybranej literze dysku</entry>
+    <entry lang="pl" key="LEGACY_PASSWORD_UTF8_TOO_LONG">Wpisane hasło jest zbyt długie: jego reprezentacja UTF-8 przekracza 64 bajty.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
diff --git a/Translations/Language.pt-br.xml b/Translations/Language.pt-br.xml
index 055c8090..ec0f210c 100644
--- a/Translations/Language.pt-br.xml
+++ b/Translations/Language.pt-br.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="en" key="IDT_BENCHMARK">Benchmark:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="en" key="LEGACY_PASSWORD_UTF8_TOO_LONG">The entered password is too long: its UTF-8 representation exceeds 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
diff --git a/Translations/Language.ro.xml b/Translations/Language.ro.xml
index 23079f9d..36601230 100644
--- a/Translations/Language.ro.xml
+++ b/Translations/Language.ro.xml
@@ -1437,6 +1437,7 @@
     <entry lang="ro" key="IDC_ENABLE_RAM_ENCRYPTION">Activare criptare chei și parole stocate în RAM</entry>
     <entry lang="ro" key="IDT_BENCHMARK">Evaluare:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="ro" key="LEGACY_PASSWORD_UTF8_TOO_LONG">Parola introdusă este prea lungă: reprezentarea sa în UTF-8 depășește 64 de baiți.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
diff --git a/Translations/Language.ru.xml b/Translations/Language.ru.xml
index 86540427..4b63ee7c 100644
--- a/Translations/Language.ru.xml
+++ b/Translations/Language.ru.xml
@@ -1436,7 +1436,8 @@
     <entry lang="ru" key="IDC_USE_LEGACY_MAX_PASSWORD_LENGTH">Устаревшая предельная длина пароля (64 символа)</entry>
     <entry lang="ru" key="IDC_ENABLE_RAM_ENCRYPTION">Шифровать ключи и пароли в ОЗУ</entry>
     <entry lang="ru" key="IDT_BENCHMARK">Тест:</entry>
-    <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Только создать виртуальное устройство, не монтируя на букву диска</entry>
+    <entry lang="ru" key="IDC_DISABLE_MOUNT_MANAGER">Только создать виртуальное устройство, не монтируя на букву диска</entry>
+    <entry lang="ru" key="LEGACY_PASSWORD_UTF8_TOO_LONG">Слишком длинный пароль: в UTF-8 он превышает 64 байт.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
diff --git a/Translations/Language.sk.xml b/Translations/Language.sk.xml
index 667c3c34..69111fed 100644
--- a/Translations/Language.sk.xml
+++ b/Translations/Language.sk.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="en" key="IDT_BENCHMARK">Benchmark:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="en" key="LEGACY_PASSWORD_UTF8_TOO_LONG">The entered password is too long: its UTF-8 representation exceeds 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
@@ -1480,4 +1481,4 @@
       </xs:complexType>
     </xs:element>
   </xs:schema>
-</VeraCrypt>
\ No newline at end of file
+</VeraCrypt>
diff --git a/Translations/Language.sl.xml b/Translations/Language.sl.xml
index 472ec9ed..160b94a8 100644
--- a/Translations/Language.sl.xml
+++ b/Translations/Language.sl.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="en" key="IDT_BENCHMARK">Benchmark:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="en" key="LEGACY_PASSWORD_UTF8_TOO_LONG">The entered password is too long: its UTF-8 representation exceeds 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
@@ -1480,4 +1481,4 @@
       </xs:complexType>
     </xs:element>
   </xs:schema>
-</VeraCrypt>
\ No newline at end of file
+</VeraCrypt>
diff --git a/Translations/Language.sv.xml b/Translations/Language.sv.xml
index c41439e2..8072b210 100644
--- a/Translations/Language.sv.xml
+++ b/Translations/Language.sv.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="sv" key="IDT_BENCHMARK">Prestandamätning:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="en" key="LEGACY_PASSWORD_UTF8_TOO_LONG">The entered password is too long: its UTF-8 representation exceeds 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
diff --git a/Translations/Language.th.xml b/Translations/Language.th.xml
index 002c383d..95591d0e 100644
--- a/Translations/Language.th.xml
+++ b/Translations/Language.th.xml
@@ -1438,6 +1438,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="en" key="IDT_BENCHMARK">Benchmark:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="en" key="LEGACY_PASSWORD_UTF8_TOO_LONG">The entered password is too long: its UTF-8 representation exceeds 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
diff --git a/Translations/Language.tr.xml b/Translations/Language.tr.xml
index ba076b2d..b478628a 100644
--- a/Translations/Language.tr.xml
+++ b/Translations/Language.tr.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="tr" key="IDT_BENCHMARK">Hız Testi:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="en" key="LEGACY_PASSWORD_UTF8_TOO_LONG">The entered password is too long: its UTF-8 representation exceeds 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
@@ -1480,4 +1481,4 @@
       </xs:complexType>
     </xs:element>
   </xs:schema>
-</VeraCrypt>
\ No newline at end of file
+</VeraCrypt>
diff --git a/Translations/Language.uk.xml b/Translations/Language.uk.xml
index 2db10336..ea6d030c 100644
--- a/Translations/Language.uk.xml
+++ b/Translations/Language.uk.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="uk" key="IDT_BENCHMARK">Тест швидкості:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="en" key="LEGACY_PASSWORD_UTF8_TOO_LONG">The entered password is too long: its UTF-8 representation exceeds 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
diff --git a/Translations/Language.uz.xml b/Translations/Language.uz.xml
index 619c31b3..0455932d 100644
--- a/Translations/Language.uz.xml
+++ b/Translations/Language.uz.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="uz" key="IDT_BENCHMARK">Тест скорости:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="en" key="LEGACY_PASSWORD_UTF8_TOO_LONG">The entered password is too long: its UTF-8 representation exceeds 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
@@ -1480,4 +1481,4 @@
       </xs:complexType>
     </xs:element>
   </xs:schema>
-</VeraCrypt>
\ No newline at end of file
+</VeraCrypt>
diff --git a/Translations/Language.vi.xml b/Translations/Language.vi.xml
index d105bacf..47a85118 100644
--- a/Translations/Language.vi.xml
+++ b/Translations/Language.vi.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="vi" key="IDT_BENCHMARK">Tiêu chuẩn:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="en" key="LEGACY_PASSWORD_UTF8_TOO_LONG">The entered password is too long: its UTF-8 representation exceeds 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
@@ -1480,4 +1481,4 @@
       </xs:complexType>
     </xs:element>
   </xs:schema>
-</VeraCrypt>
\ No newline at end of file
+</VeraCrypt>
diff --git a/Translations/Language.zh-cn.xml b/Translations/Language.zh-cn.xml
index c8db1dd7..bfd8c954 100644
--- a/Translations/Language.zh-cn.xml
+++ b/Translations/Language.zh-cn.xml
@@ -1437,6 +1437,7 @@
     <entry lang="zh-cn" key="IDC_ENABLE_RAM_ENCRYPTION">激活存储在RAM中的密钥和密码加密</entry>
     <entry lang="zh-cn" key="IDT_BENCHMARK">基准测试:</entry>
     <entry lang="zh-cn" key="IDC_DISABLE_MOUNT_MANAGER">仅创建虚拟设备而不加载在选定的盘符上</entry>
+    <entry lang="zh-cn" key="LEGACY_PASSWORD_UTF8_TOO_LONG">键入的密码过长：在UTF-8下已超过64字节。</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
diff --git a/Translations/Language.zh-hk.xml b/Translations/Language.zh-hk.xml
index f7cc26d0..e62b82fd 100644
--- a/Translations/Language.zh-hk.xml
+++ b/Translations/Language.zh-hk.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="zh-hk" key="IDT_BENCHMARK">基準測試:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="en" key="LEGACY_PASSWORD_UTF8_TOO_LONG">The entered password is too long: its UTF-8 representation exceeds 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
diff --git a/Translations/Language.zh-tw.xml b/Translations/Language.zh-tw.xml
index c437e8bc..3b29a219 100644
--- a/Translations/Language.zh-tw.xml
+++ b/Translations/Language.zh-tw.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="en" key="IDT_BENCHMARK">Benchmark:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="en" key="LEGACY_PASSWORD_UTF8_TOO_LONG">The entered password is too long: its UTF-8 representation exceeds 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
diff --git a/src/Common/Language.xml b/src/Common/Language.xml
index 45636d5f..18dbaf1a 100644
--- a/src/Common/Language.xml
+++ b/src/Common/Language.xml
@@ -1437,6 +1437,7 @@
     <entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>
     <entry lang="en" key="IDT_BENCHMARK">Benchmark:</entry>
     <entry lang="en" key="IDC_DISABLE_MOUNT_MANAGER">Only create virtual device without mounting on selected drive letter</entry>
+    <entry lang="en" key="LEGACY_PASSWORD_UTF8_TOO_LONG">The entered password is too long: its UTF-8 representation exceeds 64 bytes.</entry>
   </localization>
   <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
     <xs:element name="VeraCrypt">
diff --git a/src/Main/CommandLineInterface.cpp b/src/Main/CommandLineInterface.cpp
index 171bd165..0360921b 100644
--- a/src/Main/CommandLineInterface.cpp
+++ b/src/Main/CommandLineInterface.cpp
@@ -31,6 +31,7 @@ namespace VeraCrypt
 		ArgVolumeType (VolumeType::Unknown),
 		ArgTrueCryptMode (false),
 		ArgDisableFileSizeCheck (false),
+		ArgUseLegacyPassword (false),
 		StartBackgroundTask (false)
 	{
 		wxCmdLineParser parser;
@@ -98,6 +99,7 @@ namespace VeraCrypt
 		parser.AddParam (								_("Volume path"), wxCMD_LINE_VAL_STRING, wxCMD_LINE_PARAM_OPTIONAL);
 		parser.AddParam (								_("Mount point"), wxCMD_LINE_VAL_STRING, wxCMD_LINE_PARAM_OPTIONAL);
 		parser.AddSwitch (L"",	L"no-size-check",		_("Disable check of container size against disk free space."));
+		parser.AddSwitch (L"",	L"legacy-password-maxlength", _("Use legacy maximum password length (64 UTF-8 bytes)"));
 
 		wxString str;
 		bool param1IsVolume = false;
@@ -336,6 +338,7 @@ namespace VeraCrypt
 
 		ArgTrueCryptMode = parser.Found (L"truecrypt");
 		ArgDisableFileSizeCheck = parser.Found (L"no-size-check");
+		ArgUseLegacyPassword = parser.Found (L"legacy-password-maxlength") || ArgTrueCryptMode;		
 
 #if !defined(TC_WINDOWS) && !defined(TC_MACOSX)
 		if (parser.Found (L"fs-options", &str))
@@ -407,7 +410,7 @@ namespace VeraCrypt
 			ArgNewKeyfiles = ToKeyfileList (str);
 
 		if (parser.Found (L"new-password", &str))
-			ArgNewPassword = ToUTF8Password (str.c_str());
+			ArgNewPassword = ToUTF8Password (str.c_str(), -1, ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize);
 
 		if (parser.Found (L"new-pim", &str))
 		{
@@ -446,7 +449,7 @@ namespace VeraCrypt
 		{
 			if (Preferences.UseStandardInput)
 				throw_err (L"--password cannot be used with --stdin");
-			ArgPassword = ToUTF8Password (str.c_str());
+			ArgPassword = ToUTF8Password (str.c_str(), -1, ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize);
 		}
 
 		if (parser.Found (L"pim", &str))
@@ -487,7 +490,7 @@ namespace VeraCrypt
 
 		if (parser.Found (L"protection-password", &str))
 		{
-			ArgMountOptions.ProtectionPassword = ToUTF8Password (str.c_str());
+			ArgMountOptions.ProtectionPassword = ToUTF8Password (str.c_str(), -1, ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize);
 			ArgMountOptions.Protection = VolumeProtection::HiddenVolumeReadOnly;
 		}
 
@@ -601,7 +604,7 @@ namespace VeraCrypt
 
         if (parser.Found (L"token-pin", &str) && !str.IsEmpty ())
         {
-            ArgTokenPin = ToUTF8Buffer (str.c_str(), str.Len ());
+            ArgTokenPin = ToUTF8Buffer (str.c_str(), str.Len (), ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize);
         }
 
 		if (parser.Found (L"verbose"))
@@ -776,18 +779,18 @@ namespace VeraCrypt
 		return filteredVolumes;
 	}
 
-	shared_ptr<VolumePassword> ToUTF8Password (const wchar_t* str, size_t charCount)
+	shared_ptr<VolumePassword> ToUTF8Password (const wchar_t* str, size_t charCount, size_t maxUtf8Len)
 	{
 		if (charCount > 0)
 		{
-			shared_ptr<SecureBuffer> utf8Buffer = ToUTF8Buffer (str, charCount);
+			shared_ptr<SecureBuffer> utf8Buffer = ToUTF8Buffer (str, charCount, maxUtf8Len);
 			return shared_ptr<VolumePassword>(new VolumePassword (*utf8Buffer));
 		}
 		else
 			return shared_ptr<VolumePassword>(new VolumePassword ());
 	}
 
-	shared_ptr<SecureBuffer> ToUTF8Buffer (const wchar_t* str, size_t charCount)
+	shared_ptr<SecureBuffer> ToUTF8Buffer (const wchar_t* str, size_t charCount, size_t maxUtf8Len)
 	{
 		if (charCount == (size_t) -1)
 			charCount = wcslen (str);
@@ -802,8 +805,13 @@ namespace VeraCrypt
 			ulen = utf8.FromWChar ((char*) (byte*) passwordBuf, ulen, str, charCount);
 			if (wxCONV_FAILED == ulen)
 				throw PasswordUTF8Invalid (SRC_POS);
-			if (ulen > VolumePassword::MaxSize)
-				throw PasswordUTF8TooLong (SRC_POS);
+			if (ulen > maxUtf8Len)
+			{
+				if (maxUtf8Len == VolumePassword::MaxLegacySize)
+					throw PasswordLegacyUTF8TooLong (SRC_POS);
+				else
+					throw PasswordUTF8TooLong (SRC_POS);
+			}
 
 			ConstBufferPtr utf8Buffer ((byte*) passwordBuf, ulen);
 			return shared_ptr<SecureBuffer>(new SecureBuffer (utf8Buffer));
diff --git a/src/Main/CommandLineInterface.h b/src/Main/CommandLineInterface.h
index 9fd67a27..ef4836e6 100644
--- a/src/Main/CommandLineInterface.h
+++ b/src/Main/CommandLineInterface.h
@@ -84,6 +84,7 @@ namespace VeraCrypt
 		bool ArgTrueCryptMode;
         shared_ptr<SecureBuffer> ArgTokenPin;
         bool ArgDisableFileSizeCheck;
+        bool ArgUseLegacyPassword;
 
 		bool StartBackgroundTask;
 		UserPreferences Preferences;
@@ -98,8 +99,8 @@ namespace VeraCrypt
 		CommandLineInterface &operator= (const CommandLineInterface &);
 	};
 
-	shared_ptr<VolumePassword> ToUTF8Password (const wchar_t* str, size_t charCount = (size_t) -1);
-	shared_ptr<SecureBuffer> ToUTF8Buffer (const wchar_t* str, size_t charCount = (size_t) -1);
+	shared_ptr<VolumePassword> ToUTF8Password (const wchar_t* str, size_t charCount, size_t maxUtf8Len);
+	shared_ptr<SecureBuffer> ToUTF8Buffer (const wchar_t* str, size_t charCount, size_t maxUtf8Len);
 
 	extern auto_ptr <CommandLineInterface> CmdLine;
 }
diff --git a/src/Main/Forms/VolumePasswordPanel.cpp b/src/Main/Forms/VolumePasswordPanel.cpp
index 8d5e8bc5..ac30075e 100644
--- a/src/Main/Forms/VolumePasswordPanel.cpp
+++ b/src/Main/Forms/VolumePasswordPanel.cpp
@@ -21,6 +21,7 @@ namespace VeraCrypt
 	VolumePasswordPanel::VolumePasswordPanel (wxWindow* parent, MountOptions* options, shared_ptr <VolumePassword> password, bool disableTruecryptMode, shared_ptr <KeyfileList> keyfiles, bool enableCache, bool enablePassword, bool enableKeyfiles, bool enableConfirmation, bool enablePkcs5Prf, bool isMountPassword, const wxString &passwordLabel)
 		: VolumePasswordPanelBase (parent), Keyfiles (new KeyfileList), EnablePimEntry (true)
 	{
+		size_t maxPasswordLength = CmdLine->ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize;
 		if (keyfiles)
 		{
 			*Keyfiles = *keyfiles;
@@ -32,8 +33,8 @@ namespace VeraCrypt
 			UseKeyfilesCheckBox->SetValue (Gui->GetPreferences().UseKeyfiles && !Keyfiles->empty());
 		}
 
-		PasswordTextCtrl->SetMaxLength (VolumePassword::MaxSize);
-		ConfirmPasswordTextCtrl->SetMaxLength (VolumePassword::MaxSize);
+		PasswordTextCtrl->SetMaxLength (maxPasswordLength);
+		ConfirmPasswordTextCtrl->SetMaxLength (maxPasswordLength);
 
 		if (!passwordLabel.empty())
 		{
@@ -195,9 +196,10 @@ namespace VeraCrypt
 		FreezeScope freeze (this);
 		bool isPim = (*textCtrl == VolumePimTextCtrl);
 		int colspan = isPim? 1 : 2;
+		size_t maxPasswordLength = CmdLine->ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize;
 
 		wxTextCtrl *newTextCtrl = new wxTextCtrl (this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, display ? 0 : wxTE_PASSWORD);
-		newTextCtrl->SetMaxLength (isPim? MAX_PIM_DIGITS : VolumePassword::MaxSize);
+		newTextCtrl->SetMaxLength (isPim? MAX_PIM_DIGITS : maxPasswordLength);
 		newTextCtrl->SetValue ((*textCtrl)->GetValue());
 		newTextCtrl->SetMinSize ((*textCtrl)->GetSize());
 
@@ -226,12 +228,12 @@ namespace VeraCrypt
 	{
 		shared_ptr <VolumePassword> password;
 		wchar_t passwordBuf[VolumePassword::MaxSize + 1];
-		size_t maxPasswordLength = bLegacyPassword? VolumePassword::MaxLegacySize: VolumePassword::MaxSize;
+		size_t maxPasswordLength = (bLegacyPassword || CmdLine->ArgUseLegacyPassword)? VolumePassword::MaxLegacySize: VolumePassword::MaxSize;
 		finally_do_arg (BufferPtr, BufferPtr (reinterpret_cast <byte *> (passwordBuf), sizeof (passwordBuf)), { finally_arg.Erase(); });
 
 #ifdef TC_WINDOWS
 		int len = GetWindowText (static_cast <HWND> (textCtrl->GetHandle()), passwordBuf, VolumePassword::MaxSize + 1);
-		password = ToUTF8Password (passwordBuf, len);
+		password = ToUTF8Password (passwordBuf, len, maxPasswordLength);
 #else
 		wxString passwordStr (textCtrl->GetValue());	// A copy of the password is created here by wxWidgets, which cannot be erased
 		for (size_t i = 0; i < passwordStr.size() && i < maxPasswordLength; ++i)
@@ -239,7 +241,7 @@ namespace VeraCrypt
 			passwordBuf[i] = (wchar_t) passwordStr[i];
 			passwordStr[i] = L'X';
 		}
-		password = ToUTF8Password (passwordBuf, passwordStr.size() <= maxPasswordLength ? passwordStr.size() : maxPasswordLength);
+		password = ToUTF8Password (passwordBuf, passwordStr.size() <= maxPasswordLength ? passwordStr.size() : maxPasswordLength, maxPasswordLength);
 #endif
 		return password;
 	}
diff --git a/src/Main/Forms/WaitDialog.cpp b/src/Main/Forms/WaitDialog.cpp
index d3372db0..32555d3b 100644
--- a/src/Main/Forms/WaitDialog.cpp
+++ b/src/Main/Forms/WaitDialog.cpp
@@ -38,6 +38,7 @@ namespace VeraCrypt
 		VC_CONVERT_EXCEPTION (PasswordEmpty);
 		VC_CONVERT_EXCEPTION (PasswordTooLong);
 		VC_CONVERT_EXCEPTION (PasswordUTF8TooLong);
+		VC_CONVERT_EXCEPTION (PasswordLegacyUTF8TooLong);
 		VC_CONVERT_EXCEPTION (PasswordUTF8Invalid);
 		VC_CONVERT_EXCEPTION (UnportablePassword);
 		VC_CONVERT_EXCEPTION (ElevationFailed);
diff --git a/src/Main/TextUserInterface.cpp b/src/Main/TextUserInterface.cpp
index 1e007fc7..69d45af4 100644
--- a/src/Main/TextUserInterface.cpp
+++ b/src/Main/TextUserInterface.cpp
@@ -125,7 +125,7 @@ namespace VeraCrypt
 
 			if (verify && verPhase)
 			{
-				shared_ptr <VolumePassword> verPassword = ToUTF8Password (passwordBuf, length);
+				shared_ptr <VolumePassword> verPassword = ToUTF8Password (passwordBuf, length, CmdLine->ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize);
 
 				if (*password != *verPassword)
 				{
@@ -136,7 +136,7 @@ namespace VeraCrypt
 				}
 			}
 
-			password = ToUTF8Password (passwordBuf, length);
+			password = ToUTF8Password (passwordBuf, length, CmdLine->ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize);
 
 			if (!verPhase)
 			{
diff --git a/src/Main/UserInterface.cpp b/src/Main/UserInterface.cpp
index ebad35da..7c29bbe0 100644
--- a/src/Main/UserInterface.cpp
+++ b/src/Main/UserInterface.cpp
@@ -464,6 +464,7 @@ namespace VeraCrypt
 		EX2MSG (PasswordOrMountOptionsIncorrect,	LangString["PASSWORD_OR_KEYFILE_OR_MODE_WRONG"] + _("\n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'Options >' > 'Mount partition using system encryption'."));
 		EX2MSG (PasswordTooLong,					StringFormatter (_("Password is longer than {0} characters."), (int) VolumePassword::MaxSize));
 		EX2MSG (PasswordUTF8TooLong,				LangString["PASSWORD_UTF8_TOO_LONG"]);
+		EX2MSG (PasswordLegacyUTF8TooLong,			LangString["LEGACY_PASSWORD_UTF8_TOO_LONG"]);
 		EX2MSG (PasswordUTF8Invalid,				LangString["PASSWORD_UTF8_INVALID"]);
 		EX2MSG (PartitionDeviceRequired,			_("Partition device required."));
 		EX2MSG (ProtectionPasswordIncorrect,		_("Incorrect password to the protected hidden volume or the hidden volume does not exist."));
@@ -908,7 +909,8 @@ namespace VeraCrypt
 			wstring pwdInput;
 			getline(wcin, pwdInput);
 
-			cmdLine.ArgPassword = ToUTF8Password ( pwdInput.c_str (), pwdInput.size ());
+			size_t maxUtf8Len = cmdLine.ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize;
+			cmdLine.ArgPassword = ToUTF8Password ( pwdInput.c_str (), pwdInput.size (), maxUtf8Len);
 		}
 
 		switch (cmdLine.ArgCommand)
@@ -1575,6 +1577,7 @@ namespace VeraCrypt
 		VC_CONVERT_EXCEPTION (PasswordEmpty);
 		VC_CONVERT_EXCEPTION (PasswordTooLong);
 		VC_CONVERT_EXCEPTION (PasswordUTF8TooLong);
+		VC_CONVERT_EXCEPTION (PasswordLegacyUTF8TooLong);
 		VC_CONVERT_EXCEPTION (PasswordUTF8Invalid);
 		VC_CONVERT_EXCEPTION (UnportablePassword);
 		VC_CONVERT_EXCEPTION (ElevationFailed);
diff --git a/src/Volume/VolumePassword.h b/src/Volume/VolumePassword.h
index d82d0f43..f4a3ccbe 100644
--- a/src/Volume/VolumePassword.h
+++ b/src/Volume/VolumePassword.h
@@ -81,6 +81,7 @@ namespace VeraCrypt
 	TC_EXCEPTION (PasswordEmpty); \
 	TC_EXCEPTION (PasswordTooLong); \
 	TC_EXCEPTION (PasswordUTF8TooLong); \
+	TC_EXCEPTION (PasswordLegacyUTF8TooLong); \
 	TC_EXCEPTION (PasswordUTF8Invalid); \
 	TC_EXCEPTION (UnportablePassword);
 
-- 
cgit v1.2.3