diff --git a/config/config.ini b/config/config.ini
index 0fc5257..54d11de 100644
--- a/config/config.ini
+++ b/config/config.ini
@@ -128,4 +128,7 @@ pstotext = pstotext
 catdoc = catdoc
 antiword = antiword
 
-
+[user_prefs]
+; minimum password length on password-setting
+; could be moved into DB-auth-config
+passwordLength = 6
diff --git a/preferences.php b/preferences.php
index 5aaae6d..1410620 100644
--- a/preferences.php
+++ b/preferences.php
@@ -78,6 +78,14 @@ class PreferencesDispatcher extends KTStandardDispatcher {
         } else if ($password !== $confirm_password) {
             $this->errorRedirectToMain(_("The passwords you specified do not match."));
         }
+		
+		$KTConfig =& KTConfig::getSingleton();
+		$minLength = ((int) $KTConfig->get('user_prefs/passwordLength', 6));
+		
+		if (strlen($password) < $minLength) {
+            $this->errorRedirectToMain(sprintf(_("Your password is too short - passwords must be at least %d characters long."), $minLength));		
+		}
+		
         // FIXME more validation would be useful.
         // validated and ready..
         $this->startTransaction();