diff --git a/config.inc.php b/config.inc.php
index 1a614447..e6f76b80 100644
--- a/config.inc.php
+++ b/config.inc.php
@@ -229,7 +229,7 @@ $CONF['password_validation'] = array(
     '/.{5}/'                => 'password_too_short 5',      # minimum length 5 characters
     // '/([a-zA-Z].*){3}/'     => 'password_no_characters 3',  # must contain at least 3 consecutive characters
     '/([0-9].*){2}/'        => 'password_no_digits 2',      # must contain at least 2 digits
-    'length_check'          => function($password) { return strlen($password) > 2; }, // not unicode safe.
+    'length_check'          => function($password) { return strlen(trim($password)) > 2; }, // not unicode safe.
     /*  support a 'callable' value which if it returns a non-empty string will be assumed to have failed. */
 
     /**