If the password is generated with a PRNG and a random seed anything over 37 chars is over kill since the encryption key could be brute forced first. If the password is not random having more will be helpful though.