Currently the minimum password length for secure passwords is hardcoded to 8. Some applications may require larger minimums.
It’d be nice if, once you check Require Secure Passwords, an additional entry for the minimum length password displayed. That could default to 8, maintaining the current behavior, but allowing others to increase it.