If reviews are configured to have the reviewer enter his/her password while reviewing the items and if the reviewer's password contains a hash character (i. e., #), then the Review Save option will fail with an Invalid Passworderror, even though the password works correctly while authenticating into the system. See screen shots below for context:
This is a bug in 6.9.1 where the reviews do not support the use of the # special character in the reviewer's authentication password.
This issue is fixed in 6.9.1 P14 and above. Deploy any of the patches, 6.9.1 P14 and above, to have the issue resolved.
As a workaround you can ask the user to update his password to anything which does not contain the # character.