5.2.2 Set a minimum password length

Information

A minimum password length is the smallest number of characters a password can contain to meet a system's requirements.

Ensure that the password policy on the computer requires a minimum password length of 15 characters.

Where the confidentiality of encrypted information in FileVault is more of a concern, requiring a longer password or passphrase may be sufficient, rather than imposing additional complexity requirements that may be self-defeating.

Rationale:

Information systems that are not protected with strong password schemes, including a minimum password length, give attackers a greater opportunity to crack the password and gain access to the system.

Solution

Perform the following to implement the prescribed state for all pwpolicy controls.

Run the following command in Terminal:

pwpolicy -setaccountpolicies

See the examples in the pwpolicy man page.
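One way to verify the result after applying the policy, as an added example that is not part of the benchmark text: the script reads account-policy text and reports whether a length rule of at least 15 characters is present. It assumes the length rule appears as a `policyAttributePassword matches '.{N,}'` string in the output of `pwpolicy -getaccountpolicies`; the function names, the sample policy and its identifier are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the minimum password length found in account-policy text.
REQUIRED_MIN=15

# Constructed sample of account-policy output (layout is an assumption).
sample_policy() {
cat <<'EOF'
<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
  <key>policyCategoryPasswordContent</key>
  <array>
    <dict>
      <key>policyContent</key>
      <string>policyAttributePassword matches '.{15,}+'</string>
      <key>policyIdentifier</key>
      <string>com.example.minChars</string>
    </dict>
  </array>
</dict>
</plist>
EOF
}

# Print the largest N from any "matches '.{N,}'" length rule on stdin, or 0.
# All content rules must match, so the largest N is the effective minimum.
policy_min_length() {
  n=$(grep 'policyAttributePassword matches' \
      | grep -oE '[.][{][0-9]+,[}]' \
      | tr -cd '0-9\n' | sort -n | tail -n 1)
  echo "${n:-0}"
}

# Succeed only when the policy on stdin enforces at least REQUIRED_MIN characters.
check_min_length() {
  [ "$(policy_min_length)" -ge "$REQUIRED_MIN" ]
}

# On a Mac, replace sample_policy with: pwpolicy -getaccountpolicies
if sample_policy | check_min_length; then
  echo "PASS: minimum password length is at least $REQUIRED_MIN"
else
  echo "FAIL: minimum password length is below $REQUIRED_MIN"
fi
```

A result of 0 means no length rule was found at all, which the check treats as a failure.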

See Also

https://workbench.cisecurity.org/files/2112

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(1)

Plugin: Unix

Control ID: a11eec4b6e667f087cfd3e5f575a65e8662397e7a875d71a67aa14958ffea280