diff --git a/TShockAPI/Commands.cs b/TShockAPI/Commands.cs
index 0d6c7275..d1ad31a3 100755
--- a/TShockAPI/Commands.cs
+++ b/TShockAPI/Commands.cs
@@ -924,13 +924,24 @@ namespace TShockAPI
 				{
 					user.Name = args.Player.Name;
 					echoPassword = args.Parameters[0];
-					user.CreateBCryptHash(args.Parameters[0]);
+					try {
+						user.CreateBCryptHash(args.Parameters[0]);
+					}
+					catch (ArgumentOutOfRangeException) {
+						args.Player.SendErrorMessage("Password must be > " + TShock.Config.MinimumPasswordLength + " characters.");
+						return;
+					}
 				}
 				else if (args.Parameters.Count == 2 && TShock.Config.AllowRegisterAnyUsername)
 				{
 					user.Name = args.Parameters[0];
 					echoPassword = args.Parameters[1];
-					user.CreateBCryptHash(args.Parameters[1]);
+					try {
+						user.CreateBCryptHash(args.Parameters[1]);
+					} catch (ArgumentOutOfRangeException) {
+						args.Player.SendErrorMessage("Password must be > " + TShock.Config.MinimumPasswordLength + " characters.");
+						return;
+					}
 				}
 				else
 				{
@@ -978,7 +989,12 @@ namespace TShockAPI
 				var user = new User();
 
 				user.Name = args.Parameters[1];
-				user.CreateBCryptHash(args.Parameters[2]);
+				try {
+					user.CreateBCryptHash(args.Parameters[2]);
+				} catch (ArgumentOutOfRangeException) {
+					args.Player.SendErrorMessage("Password must be > " + TShock.Config.MinimumPasswordLength + " characters.");
+					return;
+				}
 				user.Group = args.Parameters[3];
 				
 				try
diff --git a/TShockAPI/ConfigFile.cs b/TShockAPI/ConfigFile.cs
index d01aea77..3eee17c6 100755
--- a/TShockAPI/ConfigFile.cs
+++ b/TShockAPI/ConfigFile.cs
@@ -401,6 +401,9 @@ namespace TShockAPI
 		[Description("Determines the BCrypt work factor to use. If increased, all passwords will be upgraded to new work-factor on verify. Range: 5-31.")]
 		public int BCryptWorkFactor = 7;
 
+		[Description("The minimum password length for new user accounts. Minimum value is 4.")]
+		public int MinimumPasswordLength = 4;
+
 		/// <summary>
 		/// Reads a configuration file from a given path
 		/// </summary>
diff --git a/TShockAPI/DB/UserManager.cs b/TShockAPI/DB/UserManager.cs
index 8b7d0c64..290f06d4 100755
--- a/TShockAPI/DB/UserManager.cs
+++ b/TShockAPI/DB/UserManager.cs
@@ -412,11 +412,15 @@ namespace TShockAPI.DB
 		/// <summary>Creates a BCrypt hash for a user and stores it in this object.</summary>
 		/// <param name="password">string password - the plain text password to hash</param>
 		public void CreateBCryptHash(string password) {
+
+			if (password.Trim().Length < Math.Max(4, TShock.Config.MinimumPasswordLength)) {
+				throw new ArgumentOutOfRangeException("password", "Password must be > " + TShock.Config.MinimumPasswordLength + " characters.");
+			}
 			try {
-				this.Password = BCrypt.Net.BCrypt.HashPassword(password, TShock.Config.BCryptWorkFactor);
+				this.Password = BCrypt.Net.BCrypt.HashPassword(password.Trim(), TShock.Config.BCryptWorkFactor);
 			} catch (ArgumentOutOfRangeException) {
 				TShock.Log.ConsoleError("Invalid BCrypt work factor in config file! Creating new hash using default work factor.");
-				this.Password = BCrypt.Net.BCrypt.HashPassword(password);
+				this.Password = BCrypt.Net.BCrypt.HashPassword(password.Trim());
 			}
 		}