diff --git a/auth/proxy.go b/auth/proxy.go
index c60be9e6..61312f1a 100644
--- a/auth/proxy.go
+++ b/auth/proxy.go
@@ -28,7 +28,8 @@ func (a ProxyAuth) Auth(r *http.Request, usr users.Store, setting *settings.Sett
 }
 
 func (a ProxyAuth) createUser(usr users.Store, setting *settings.Settings, srv *settings.Server, username string) (*users.User, error) {
-	pwd, err := users.RandomPwd(setting.MinimumPasswordLength + 10)
+	const randomPasswordLength = settings.DefaultMinimumPasswordLength + 10
+	pwd, err := users.RandomPwd(randomPasswordLength)
 	if err != nil {
 		return nil, err
 	}
diff --git a/cmd/config.go b/cmd/config.go
index d5b7fc08..3ee8dab8 100644
--- a/cmd/config.go
+++ b/cmd/config.go
@@ -32,7 +32,7 @@ func addConfigFlags(flags *pflag.FlagSet) {
 	addUserFlags(flags)
 	flags.BoolP("signup", "s", false, "allow users to signup")
 	flags.Bool("create-user-dir", false, "generate user's home directory automatically")
-	flags.Uint("minimum-password-length", 12, "minimum password length for new users")
+	flags.Uint("minimum-password-length", settings.DefaultMinimumPasswordLength, "minimum password length for new users")
 	flags.String("shell", "", "shell command to which other commands should be appended")
 
 	flags.String("auth.method", string(auth.MethodJSONAuth), "authentication type")
diff --git a/users/password.go b/users/password.go
index 78f17db9..7260f2c3 100644
--- a/users/password.go
+++ b/users/password.go
@@ -4,14 +4,15 @@ import (
 	"crypto/rand"
 	"encoding/base64"
 
-	"github.com/filebrowser/filebrowser/v2/errors"
 	"golang.org/x/crypto/bcrypt"
+
+	fbErrors "github.com/filebrowser/filebrowser/v2/errors"
 )
 
 // HashPwd hashes a password.
 func HashAndValidatePwd(password string, minimumLength uint) (string, error) {
-	if len(password) < int(minimumLength) {
-		return "", errors.ErrShortPassword
+	if uint(len(password)) < minimumLength {
+		return "", fbErrors.ErrShortPassword
 	}
 
 	return HashPwd(password)