Such a small max length is a good indicator they aren’t handling passwords correctly. A modern website should be able to send and hash kilobytes of text without the user seeing a significant delay. Having a max size like this sounds like they are storing the password as text instead of a hash.

Or some dumb project manager said passwords longer than 24 characters look bad in the UI and wanted the limit.