diff --git a/application/config/aauth.php b/application/config/aauth.php
index 92b5c1e..8e38c95 100644
--- a/application/config/aauth.php
+++ b/application/config/aauth.php
@@ -42,7 +42,9 @@ $config['aauth']['user_variables'] = 'aauth_user_variables';
 // remember time
 $config['aauth']['remember'] = ' +3 days';
 
-// pasword maximum char long (min is 4)
+// pasword minimum char long
+$config['aauth']['min'] = 8;
+// pasword maximum char long
 $config['aauth']['max'] = 24;
 
 // non alphanumeric characters that are allowed in a name
diff --git a/application/libraries/Aauth.php b/application/libraries/Aauth.php
index 7784ba6..afeb061 100644
--- a/application/libraries/Aauth.php
+++ b/application/libraries/Aauth.php
@@ -666,7 +666,7 @@ class Aauth {
 			$this->error($this->CI->lang->line('aauth_error_email_invalid'));
 			$valid = FALSE;
 		}
-		if ( strlen($pass) < 5 OR strlen($pass) > $this->config_vars['max'] ){
+		if ( strlen($pass) < $this->config_vars['min'] OR strlen($pass) > $this->config_vars['max'] ){
 			$this->error($this->CI->lang->line('aauth_error_password_invalid'));
 			$valid = FALSE;
 		}