Ordinarily I'd agree with small companies not being informed enough on security best practices and agree with your point. Small companies shouldn't invent security on their own.
But there's something bigger here that stood out and that kind of makes me angry: Apple, a multi-trillion-dollar company, is influencing people to stop using products by small companies and small teams.
It's stuff like this, stuff like requirements to "sign in / pay with Apple", and stuff like the green text boxes that make you have to fit everything to Apple and give them their dues.
I really wish we'd regulate or break up the big tech companies. Innovation has barriers to entry because of them.
Apple shouldn't be making their own password standard. They should work in an industry consortium to agree across the board, and they should put in the extra effort to tell users when websites may not comply with their new rules. It's not the website's fault that they didn't get the new and unannounced memo.
Add a new HTML password form property to indicate compliance with the standard before you go generating uncompliant passwords. Do a graceful migration. Stop beating up the little players.
I'm starting to think that neither Google nor Apple should be allowed to have their own web browsers. They're only using them as a means to deepen their platform reach and gobble up more control.
Pretty soon Apple and Google won't generate passwords at all. They'll deprecate the password field and mark it dangerous. Then it'll be an Apple passkey where companies will have to negotiate payment rates and won't be privileged to know their own customer.