Ignoring that they must be hashed to be acceptable and that it’s not possible for 1000 characters of text to add up to a waste of storage worth mentioning in pretty much any environment, it’s literally impossible for a 128 character password limit to be beneficial in any way.
A limit below that demonstrably lowers security by a huge margin.
Yeah the matching donations was the obvious answer. It’s honestly a decent way to do charity as a company (obviously bigger ticket contributions are good, too), because it rewards them for their choices by increasing their value, and your contributions are going places that have some support behind them from your employees. Finding worthwhile causes that don’t get money has value, but it’s really hard and expensive to do.