diff --git a/core/includes/form.inc b/core/includes/form.inc
index 42206a4..f8b3ff2 100644
--- a/core/includes/form.inc
+++ b/core/includes/form.inc
@@ -1213,7 +1213,14 @@ function form_process_password_confirm($element) {
 function password_confirm_validate($element, &$element_state) {
   $pass1 = trim($element['pass1']['#value']);
   $pass2 = trim($element['pass2']['#value']);
+  $minimum_password_length = \Drupal::config('user.settings')->get('minimum_password_length');
+
   if (!empty($pass1) || !empty($pass2)) {
+    // Check that the password is long enough.
+    if (strlen($pass1) < $minimum_password_length) {
+      form_error($element, $element_state, t('Password must be at least @minimum_password_length characters long.', array('@minimum_password_length' => $minimum_password_length)));
+    }
+    // Check that the passwords match.
     if (strcmp($pass1, $pass2)) {
       form_error($element, $element_state, t('The specified passwords do not match.'));
     }
diff --git a/core/modules/user/config/install/user.settings.yml b/core/modules/user/config/install/user.settings.yml
index fbb0d98..9a0dc24 100644
--- a/core/modules/user/config/install/user.settings.yml
+++ b/core/modules/user/config/install/user.settings.yml
@@ -1,6 +1,7 @@
 admin_role: ''
 anonymous: Anonymous
 verify_mail: true
+minimum_password_length: 6
 notify:
   cancel_confirm: true
   password_reset: true
diff --git a/core/modules/user/lib/Drupal/user/AccountSettingsForm.php b/core/modules/user/lib/Drupal/user/AccountSettingsForm.php
index e29bc26..1cc11a0 100644
--- a/core/modules/user/lib/Drupal/user/AccountSettingsForm.php
+++ b/core/modules/user/lib/Drupal/user/AccountSettingsForm.php
@@ -141,6 +141,13 @@ public function buildForm(array $form, array &$form_state) {
       '#default_value' => $config->get('cancel_method'),
       '#description' => $this->t('Users with the %select-cancel-method or %administer-users <a href="@permissions-url">permissions</a> can override this default method.', array('%select-cancel-method' => $this->t('Select method for cancelling account'), '%administer-users' => $this->t('Administer users'), '@permissions-url' => url('admin/people/permissions'))),
     );
+    $form['registration_cancellation']['minimum_password_length'] = array(
+      '#type' => 'textfield',
+      '#title' => $this->t('Minimum password length'),
+      '#default_value' => $config->get('minimum_password_length'),
+      '#description' => $this->t("The minimum password length required for users registering."),
+      '#maxlength' => 4,
+    );
     $form['registration_cancellation']['user_cancel_method'] += user_cancel_methods();
     foreach (Element::children($form['registration_cancellation']['user_cancel_method']) as $key) {
       // All account cancellation methods that specify #access cannot be
@@ -414,6 +421,7 @@ public function submitForm(array &$form, array &$form_state) {
       ->set('anonymous', $form_state['values']['anonymous'])
       ->set('admin_role', $form_state['values']['user_admin_role'])
       ->set('register', $form_state['values']['user_register'])
+      ->set('minimum_password_length', $form_state['values']['minimum_password_length'])
       ->set('password_strength', $form_state['values']['user_password_strength'])
       ->set('verify_mail', $form_state['values']['user_email_verification'])
       ->set('signatures', $form_state['values']['user_signatures'])
diff --git a/core/modules/user/user.js b/core/modules/user/user.js
index 1748a2c..a03282c 100644
--- a/core/modules/user/user.js
+++ b/core/modules/user/user.js
@@ -99,10 +99,10 @@
     var usernameBox = $('input.username');
     var username = (usernameBox.length > 0) ? usernameBox.val() : translate.username;

-    // Lose 5 points for every character less than 6, plus a 30 point penalty.
-    if (password.length < 6) {
+    // Lose 5 points for every character less than minPasswordLength, plus a 30 point penalty.
+    if (password.length < translate.minPasswordLength) {
       msg.push(translate.tooShort);
-      strength -= ((6 - password.length) * 5) + 30;
+      strength -= ((translate.minPasswordLength - password.length) * 5) + 30;
     }

     // Count weaknesses.
diff --git a/core/modules/user/user.module b/core/modules/user/user.module
index 955f644..1e11bad 100644
--- a/core/modules/user/user.module
+++ b/core/modules/user/user.module
@@ -1504,10 +1504,11 @@ function user_form_process_password_confirm($element) {

   if (\Drupal::config('user.settings')->get('password_strength')) {
     $password_settings['showStrengthIndicator'] = TRUE;
+    $password_settings['minPasswordLength'] = \Drupal::config('user.settings')->get('minimum_password_length');
     $password_settings += array(
       'strengthTitle' => t('Password strength:'),
       'hasWeaknesses' => t('To make your password stronger:'),
-      'tooShort' => t('Make it at least 6 characters'),
+      'tooShort' => t('Make it at least @minimum_password_length characters', array('@minimum_password_length' => \Drupal::config('user.settings')->get('minimum_password_length'))),
       'addLowerCase' => t('Add lowercase letters'),
       'addUpperCase' => t('Add uppercase letters'),
       'addNumbers' => t('Add numbers'),