diff --git a/api/libs/password.py b/api/libs/password.py
index cdf55c57e5b..3313278492a 100644
--- a/api/libs/password.py
+++ b/api/libs/password.py
@@ -13,7 +13,7 @@ def valid_password(password):
 if re.match(pattern, password) is not None:
 return password
- raise ValueError("Password must contain letters and numbers, and the length must be greater than 8.")
+ raise ValueError("Password must contain letters and numbers, and the length must be at least 8 characters.")
 def hash_password(password_str, salt_byte):
diff --git a/api/tests/unit_tests/libs/test_password.py b/api/tests/unit_tests/libs/test_password.py
index 79fc792cc5f..3cdf22e8051 100644
--- a/api/tests/unit_tests/libs/test_password.py
+++ b/api/tests/unit_tests/libs/test_password.py
@@ -35,6 +35,13 @@ class TestValidPassword:
 with pytest.raises(ValueError):
 valid_password("")
+ def test_should_reject_password_shorter_than_minimum_length(self):
+ """A 7-character password with letters and numbers is rejected for length."""
+ with pytest.raises(ValueError) as exc_info:
+ valid_password("abc1234")
+
+ assert "at least 8" in str(exc_info.value)
+
+
 class TestPasswordHashing:
 """Test password hashing and comparison"""
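Review bot: In `valid_password` (api/libs/password.py) the minimum length is stated in two places, the `pattern` regex defined outside this hunk and the literal 8 in the new message, so the wording can drift from what is actually enforced. Consider a module-level constant (the name is only a suggestion), `MIN_PASSWORD_LENGTH = 8`, used to build the pattern and formatted into the message: `raise ValueError(f"Password must contain letters and numbers, and the length must be at least {MIN_PASSWORD_LENGTH} characters.")`. The pattern is not visible here, so that it accepts exactly 8 characters is presumed from the new wording and should be confirmed against the regex.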
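Review bot: `test_should_reject_password_shorter_than_minimum_length` pins only the rejecting side of the boundary, so a pattern that required 9 characters would still pass. Add the accepting case next to it, `assert valid_password("abcd1234") == "abcd1234"`, unless a test outside this hunk already covers an 8-character password. The check `"at least 8" in str(exc_info.value)` also does not show that the rejection was for length, because `valid_password` raises the same message for every policy failure; the docstring would be more accurate as `"""A 7-character password with letters and numbers is rejected."""`. `TestValidPassword` begins outside the hunk.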