Knowledgebase
How to set and change the minimal password length for user accounts in MediaWiki
You can change the required length of passwords for the accounts of registered users by adding a line to the LocalSettings.php file of your MediaWiki.
By default, for versions older than 1.16 the option for the minimal password is set to 0 which means that users can actually create accounts without specifying passwords. For versions 1.16 and newer it's set to 1 which means that the user has to make the password at least one character long. If you want to change that and require users to specify longer passwords, add a line such as the following on a new line at the end of the LocalSettings.php file:
$wgMinimalPasswordLength = 8;
This will require users to make their passwords at least 8 characters long. If you want to change the length, just put the respective number in the line. New users who try to create accounts will not be allowed to use shorter passwords. If they type a shorter password, after they click on the button for creating the account they'll see an error message at the top of the page informing them about the required minimal length of the password.
When users that have already created accounts and that have shorter passwords than the newly specified length try to log in, they'll be redirected to the form for resetting their password and a message will be displayed informing them about the required length.
The LocalSettings.php file that you have to edit to change the password length is located in the root MediaWiki folder on your MediaWiki hosting account. If the application is installed directly in the public_html folder on your account (making the URL of the frontend yourdomain.com), then the path to the file on the account will be public_html/LocalSettings.php. One way HostKnox customers can edit and view files directly on their accounts is with the File manager of the Pixie control panel. Another way to do it is to download the file on your local computer, edit it with a text editor (e.g. Notepad ++), then upload the file back in the same folder overwriting the old file.
When it comes to user passwords you may also find useful the following: