The first thing you would want to adjust for this is the spry validation for the password. Toward the bottom of the page is this line of code:
var sprypassword1 = new Spry.Widget.ValidationPassword("sprypassword1", {validateOn:["blur"], minChars:6, minNumbers:1, minAlphaChars:1});
It is the three parameters in here that control the character length and type of chars:
minChars:6, minNumbers:1, minAlphaChars:1
You can change the min chars to be whatever you want, then for the other two you can just delete them so in the end it would look like this:
var sprypassword1 = new Spry.Widget.ValidationPassword("sprypassword1", {validateOn:["blur"], minChars:5});
Next you would want to update the server side validations that are enforcing these rules. This is controlled by these three lines of code toward the top of the page:
$WAFV_Errors .= WAValidateEL(((isset($_POST["UserPassword"]))?$_POST["UserPassword"]:"") . "",6,50,true,3);
$WAFV_Errors .= WAValidateRX(((isset($_POST["UserPassword"]))?$_POST["UserPassword"]:"") . "","/[0-9]/",true,4);
$WAFV_Errors .= WAValidateRX(((isset($_POST["UserPassword"]))?$_POST["UserPassword"]:"") . "","/[a-z,A-Z]/",true,5);
The first one is checking the length and the next two are checking the type of chars. You can update the first to be a 5 instead of 6 then delete the next two, this would look like this:
$WAFV_Errors .= WAValidateEL(((isset($_POST["UserPassword"]))?$_POST["UserPassword"]:"") . "",5,50,true,3);