diff --git a/actions/admin/settings/110.accounts.php b/actions/admin/settings/110.accounts.php index 2c8b445d..4d9a7a84 100644 --- a/actions/admin/settings/110.accounts.php +++ b/actions/admin/settings/110.accounts.php @@ -54,6 +54,14 @@ return array( 'default' => 900, 'save_method' => 'storeSettingField', ), + 'panel_password_min_length' => array( + 'label' => $lng['serversettings']['panel_password_min_length'], + 'settinggroup' => 'panel', + 'varname' => 'password_min_length', + 'type' => 'int', + 'default' => 0, + 'save_method' => 'storeSettingField', + ), 'customer_accountprefix' => array( 'label' => $lng['serversettings']['accountprefix'], 'settinggroup' => 'customer', diff --git a/admin_admins.php b/admin_admins.php index 217ea16a..e6950751 100644 --- a/admin_admins.php +++ b/admin_admins.php @@ -154,6 +154,7 @@ if($page == 'admins' $loginname = validate($_POST['loginname'], 'loginname'); $password = validate($_POST['admin_password'], 'password'); + $password = validatePassword($password); $def_language = validate($_POST['def_language'], 'default language'); $customers = intval_ressource($_POST['customers']); @@ -560,6 +561,7 @@ if($page == 'admins' { if($password != '') { + $password = validatePassword($password); $password = md5($password); } else diff --git a/admin_customers.php b/admin_customers.php index 6e8361f7..dbde305d 100644 --- a/admin_customers.php +++ b/admin_customers.php @@ -379,6 +379,7 @@ if($page == 'customers' $createstdsubdomain = intval($_POST['createstdsubdomain']); $password = validate($_POST['customer_password'], 'password'); + $password = validatePassword($password); $sendpassword = intval($_POST['sendpassword']); $phpenabled = intval($_POST['phpenabled']); $diskspace = $diskspace * 1024; @@ -849,6 +850,7 @@ if($page == 'customers' { if($password != '') { + $password = validatePassword($password); $password = md5($password); } else diff --git a/customer_email.php b/customer_email.php index e7f91a81..0d55e561 100644 
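Review bot: The new `panel_password_min_length` entry defaults to `0`, and the matching rows in install/froxlor.sql and the 0.9.3-svn1 update step also store `'0'`, so fresh installs and upgrades alike keep accepting passwords of any length until an admin opts in; consider a non-zero default at least for new installs. Nothing visible in this entry bounds the value either. validatePassword() interpolates it into a regex quantifier and index.php loops until twice that many characters exist, so an accidental very large value would presumably make every password change fail. A comment on the entry such as `// 0 disables the check; keep well below the PCRE quantifier limit (65535)` would document both.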
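Review bot: In the admin_admins.php hunk at -560 the length check is added directly before `$password = md5($password);`, so the validated value is still stored as a single unsalted MD5, and a minimum length gives little protection once the hash column is exposed. The admin_customers.php hunk at -849 has the same pattern. This predates the commit and the surrounding block starts and ends outside the hunk, but it deserves a follow-up that moves storage to a salted, slow hash (`password_hash($password, PASSWORD_DEFAULT)` where the PHP version provides it) with a rehash on the next successful login.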
--- a/customer_email.php +++ b/customer_email.php @@ -372,6 +372,7 @@ elseif($page == 'accounts') $email_full = $result['email_full']; $username = $idna_convert->decode($email_full); $password = validate($_POST['email_password'], 'password'); + $password = validatePassword($password); if($settings['panel']['sendalternativemail'] == 1) { @@ -518,12 +519,12 @@ elseif($page == 'accounts') standard_error(array('stringisempty', 'mypassword')); exit; } - else - { - $log->logAction(USR_ACTION, LOG_NOTICE, "changed email password for '" . $result['email_full'] . "'"); - $result = $db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET " . ($settings['system']['mailpwcleartext'] == '1' ? "`password` = '" . $db->escape($password) . "', " : '') . " `password_enc`=ENCRYPT('" . $db->escape($password) . "') WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$result['popaccountid'] . "'"); - redirectTo($filename, Array('page' => 'emails', 'action' => 'edit', 'id' => $id, 's' => $s)); - } + + $password = validatePassword($password); + + $log->logAction(USR_ACTION, LOG_NOTICE, "changed email password for '" . $result['email_full'] . "'"); + $result = $db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET " . ($settings['system']['mailpwcleartext'] == '1' ? "`password` = '" . $db->escape($password) . "', " : '') . " `password_enc`=ENCRYPT('" . $db->escape($password) . "') WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$result['popaccountid'] . "'"); + redirectTo($filename, Array('page' => 'emails', 'action' => 'edit', 'id' => $id, 's' => $s)); } else { diff --git a/customer_ftp.php b/customer_ftp.php index b484892a..c98f8085 100644 --- a/customer_ftp.php +++ b/customer_ftp.php @@ -135,6 +135,7 @@ elseif($page == 'accounts') { $path = validate($_POST['path'], 'path'); $password = validate($_POST['ftp_password'], 'password'); + $password = validatePassword($password); if($settings['customer']['ftpatdomain'] == '1') { 
diff --git a/customer_mysql.php b/customer_mysql.php index fec687ff..96a92357 100644 --- a/customer_mysql.php +++ b/customer_mysql.php @@ -139,6 +139,7 @@ elseif($page == 'mysqls') && $_POST['send'] == 'send') { $password = validate($_POST['mysql_password'], 'password'); + $password = validatePassword($password); if($password == '') { @@ -219,6 +220,7 @@ elseif($page == 'mysqls') // Only change Password if it is set, do nothing if it is empty! -- PH 2004-11-29 $password = validate($_POST['mysql_password'], 'password'); + $password = validatePassword($password); if($password != '') { diff --git a/index.php b/index.php index 7ede8a99..27c9fa90 100644 --- a/index.php +++ b/index.php @@ -240,7 +240,18 @@ if($action == 'forgotpwd') { if($user !== false) { - $password = substr(md5(uniqid(microtime(), 1)), 12, 6); + if ($settings['panel']['password_min_length'] <= 6) { + $password = substr(md5(uniqid(microtime(), 1)), 12, 6); + } else { + // make it two times larger than password_min_length + $rnd = ''; + $minlength = $settings['panel']['password_min_length']; + while (strlen($rnd) < ($minlength * 2)) + { + $rnd .= md5(uniqid(microtime(), 1)); + } + $password = substr($rnd, (int)($minlength / 2), $minlength); + } if($adminchecked) { diff --git a/install/froxlor.sql b/install/froxlor.sql index f36dabcf..f5c5dbc9 100644 --- a/install/froxlor.sql +++ b/install/froxlor.sql 
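Review bot: In the customer_mysql.php hunk at -219, `validatePassword($password)` runs before the `if($password != '')` guard, although the comment directly above says an empty field means the password is left unchanged. With a non-zero `password_min_length` the pattern `/^.{N,}$/D` cannot match an empty string, so validatePassword() presumably reports the too-short error and exits, and a database can no longer be edited without also setting a new password. admin_admins.php and admin_customers.php place the call inside the guard on their edit paths; do the same here by moving `$password = validatePassword($password);` to the first line inside `if($password != '')`. The guard's body continues outside the hunk.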
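Review bot: Both branches of the index.php forgotpwd hunk build the reset password from `md5(uniqid(microtime(), 1))`, which is derived from the clock and a generator not designed for secrets, so concatenating more MD5 blocks for a larger minimum adds length but little unpredictability. Drawing from the OS CSPRNG covers both branches, e.g. `$len = max(6, (int)$settings['panel']['password_min_length']);` followed by `$password = substr(bin2hex(random_bytes($len)), 0, $len);` (or `openssl_random_pseudo_bytes()` on older PHP). The comment `// make it two times larger than password_min_length` is also misleading: `$rnd` is built to twice the minimum, but the password cut from it is exactly `$minlength` characters.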
@@ -451,7 +451,7 @@ INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) V
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (18, 'system', 'vmail_homedir', '/var/customers/mail/');
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (19, 'system', 'bindconf_directory', '/etc/bind/');
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (20, 'system', 'bindreload_command', '/etc/init.d/bind9 reload');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (22, 'panel', 'version', '0.9.3');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (22, 'panel', 'version', '0.9.3-svn1');
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (23, 'system', 'hostname', 'SERVERNAME');
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (24, 'login', 'maxloginattempts', '3');
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (25, 'login', 'deactivatetime', '900');
@@ -550,6 +550,7 @@ INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) V
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (119, 'spf', 'use_spf', '0');
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (120, 'spf', 'spf_entry', '@ IN TXT "v=spf1 a mx -all"');
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (121, 'system', 'debug_cron', '0');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (122, 'panel', 'password_min_length', '0');
 # --------------------------------------------------------
diff --git a/install/updates/froxlor/0.9/update_0.9.inc.php b/install/updates/froxlor/0.9/update_0.9.inc.php
index 7a44e783..a40b0912 100644
--- a/install/updates/froxlor/0.9/update_0.9.inc.php +++ b/install/updates/froxlor/0.9/update_0.9.inc.php @@ -314,4 +314,15 @@ if(isFroxlorVersion('0.9.2')) updateToVersion('0.9.3'); } +if(isFroxlorVersion('0.9.3')) +{ + showUpdateStep("Updating from 0.9.3 to 0.9.3-svn1", false); + + showUpdateStep("Updating tables"); + $db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('panel', 'password_min_length', '0');"); + lastStepStatus(0); + + updateToVersion('0.9.3-svn1'); +} + ?> diff --git a/lib/functions/validate/function.validatePassword.php b/lib/functions/validate/function.validatePassword.php new file mode 100644 index 00000000..f2da31b0 --- /dev/null +++ b/lib/functions/validate/function.validatePassword.php @@ -0,0 +1,43 @@ + (2010-) + * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt + * @package Functions + * @version $Id$ + */ + +/** + * Function validatePassword + * + * if password-min-length is set in settings + * we check against the length, if not matched + * an error message will be output and 'exit' is called + * + * @param string $password the password to validate + * + * @return string either the password or an errormessage+exit + */ +function validatePassword($password = null) +{ + global $settings; + + if ($settings['panel']['password_min_length'] > 0) { + $password = validate( + $password, + $settings['panel']['password_min_length'], /* replacer needs to be password length, not the fieldname */ + '/^.{'.(int)$settings['panel']['password_min_length'].',}$/D', + 'notrequiredpasswordlength' + ); + } + + return $password; +} diff --git a/lib/tables.inc.php b/lib/tables.inc.php index 77aa783d..4f96c338 100644 --- a/lib/tables.inc.php +++ b/lib/tables.inc.php @@ -68,7 +68,7 @@ define('PACKAGE_ENABLED', 2); // VERSION INFO -$version = '0.9.3'; +$version = '0.9.3-svn1'; $dbversion = '2'; $branding = ''; diff --git a/lng/english.lng.php b/lng/english.lng.php index 3635266d..895d0ef0 100644 
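Review bot: In the new validatePassword() the pattern `'/^.{N,}$/D'` has no `u` modifier, so `.` counts bytes rather than characters, and a password made of multi-byte UTF-8 characters passes with fewer characters than the "at least %s characters" message promises. Without `s`, a password containing a line break is rejected regardless of its length (possibly already excluded by the earlier validate() call, which is not visible here). Reading the setting once as `$min = (int)$settings['panel']['password_min_length'];` and using `'/^.{' . $min . ',}$/Dsu'` makes the count match the message. The docblock should also state that a setting of 0 disables the check and that the function does not return on failure, e.g. `@return string the unchanged password; on failure an error is output and exit is called`.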
--- a/lng/english.lng.php +++ b/lng/english.lng.php @@ -1305,4 +1305,10 @@ $lng['admin']['newerversionavailable'] = 'There is a newer version of Froxlor av $lng['emails']['noemaildomainaddedyet'] = 'You do not have a (email-)domain in your account yet.'; $lng['error']['hiddenfieldvaluechanged'] = 'The value for the hidden field "%s" changed while editing the settings.

This is usually not a big problem but the settings could not be saved because of this.'; +// ADDED IN FROXLOR 0.9.3-svn1 + +$lng['serversettings']['panel_password_min_length']['title'] = 'Minimum password length'; +$lng['serversettings']['panel_password_min_length']['description'] = 'Here you can set a minimum length for passwords. \'0\' means: no minimum length required.'; +$lng['error']['notrequiredpasswordlength'] = 'The given password is too short. Please enter at least %s characters.'; + ?> diff --git a/lng/german.lng.php b/lng/german.lng.php index 56850c59..c47eaab6 100644 --- a/lng/german.lng.php +++ b/lng/german.lng.php @@ -1285,4 +1285,10 @@ $lng['admin']['newerversionavailable'] = 'Eine neuere Version von Froxlor wurde $lng['emails']['noemaildomainaddedyet'] = 'Sie haben bisher noch keine (E-Mail-)Domain in Ihrem Konto.'; $lng['error']['hiddenfieldvaluechanged'] = 'Der Wert des verborgenen Feldes "%s" hat sich während dem Ändern der Einstellungen geändert.

Dies ist im Grunde kein schwerwiegendes Problem, allerdings konnten so die Einstellungen nicht gespeichert werden.'; +// ADDED IN FROXLOR 0.9.3-svn1 + +$lng['serversettings']['panel_password_min_length']['title'] = 'Mindestlänge von Passwörtern'; +$lng['serversettings']['panel_password_min_length']['description'] = 'Hier können Sie die Mindestlänge für Passwörter festlegen. \'0\' bedeutet: Keine Mindestlänge'; +$lng['error']['notrequiredpasswordlength'] = 'Das Passwort ist zu kurz. Bitte geben Sie mindestens %s Zeichen an.'; + ?>