It looks like the only requirement is that the password must be at least 6 characters in length. You can just update the error message to say that specifically instead of the generic message you see now, or you could remove or reduce that requirement in the server validation server behavior or manually on line 19. The "6,500" part means between 6 and 500 characters in length.