diff --git a/data/actionsmap/yunohost.yml b/data/actionsmap/yunohost.yml
index 6108da07b..102be300d 100644
--- a/data/actionsmap/yunohost.yml
+++ b/data/actionsmap/yunohost.yml
@@ -125,6 +125,7 @@ user:
 pattern: &pattern_password
 - !!str ^.{3,}$
 - "pattern_password"
+ comment: good_practices_about_user_password
 -q:
 full: --mailbox-quota
 help: Mailbox size quota
@@ -1449,6 +1450,7 @@ tools:
 password: ask_new_admin_password
 pattern: *pattern_password
 required: True
+ comment: good_practices_about_admin_password
 ### tools_validatepw()
 validatepw:
@@ -1498,6 +1500,7 @@ tools:
 password: ask_new_admin_password
 pattern: *pattern_password
 required: True
+ comment: good_practices_about_admin_password
 --ignore-dyndns:
 help: Do not subscribe domain to a DynDNS service
 action: store_true
diff --git a/locales/en.json b/locales/en.json
index a25dab7da..8b0908523 100644
--- a/locales/en.json
+++ b/locales/en.json
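Review bot: The new `comment: good_practices_about_user_password` tells the user the password should be at least 8 characters, but the `pattern_password` anchor in the same hunk is still `^.{3,}$`, so the argument parser itself accepts three characters. The stated minimum therefore depends entirely on the separate strength validator, whose settings comment lists `-1 disabled` as a level. Either raise the floor in the anchor (`- !!str ^.{8,}$`) or document the split next to it, e.g. `# length policy is enforced by PasswordValidator; this regex is only a floor`. The two `tools:` hunks reuse `*pattern_password` with the admin hint, so the same applies there. The enclosing argument blocks start outside the hunks.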
@@ -197,6 +197,8 @@
 "global_settings_setting_example_string": "Example string option",
 "global_settings_unknown_setting_from_settings_file": "Unknown key in settings: '{setting_key:s}', discarding it and save it in /etc/yunohost/unkown_settings.json",
 "global_settings_unknown_type": "Unexpected situation, the setting {setting:s} appears to have the type {unknown_type:s} but it's not a type supported by the system.",
+ "good_practices_about_admin_password": "You are now about to define a new administration password. The password should be at least 8 characters - though it is good practice to use longer password (i.e. a passphrase) and/or to use various kind of characters (uppercase, lowercase, digits and special characters).",
+ "good_practices_about_user_password": "You are now about to define a new user password. The password should be at least 8 characters - though it is good practice to use longer password (i.e. a passphrase) and/or to use various kind of characters (uppercase, lowercase, digits and special characters).",
 "hook_exec_failed": "Script execution failed: {path:s}",
 "hook_exec_not_terminated": "Script execution hasn\u2019t terminated: {path:s}",
 "hook_list_by_invalid": "Invalid property to list hook by",
@@ -330,7 +332,7 @@
 "packages_upgrade_critical_later": "Critical packages ({packages:s}) will be upgraded later",
 "packages_upgrade_failed": "Unable to upgrade all of the packages",
 "password_listed": "This password is among the most used password in the world. Please choose something a bit more unique.",
- "password_too_simple_1": "Password needs to be at least 6 characters long",
+ "password_too_simple_1": "Password needs to be at least 8 characters long",
 "password_too_simple_2": "Password needs to be at least 8 characters long and contains digit, upper and lower characters",
 "password_too_simple_3": "Password needs to be at least 8 characters long and contains digit, upper, lower and special characters",
 "password_too_simple_4": "Password needs to be at least 12 characters long and contains digit, upper, lower and special characters",
diff --git a/src/yunohost/app.py b/src/yunohost/app.py
index 3231c58ed..13660a127 100644
--- a/src/yunohost/app.py
+++ b/src/yunohost/app.py
@@ -2189,11 +2189,15 @@ def _parse_action_args_in_yunohost_format(args, action_args, auth=None):
 for domain in domain_list(auth)['domains']:
 msignals.display("- {}".format(domain))
- if arg_type == 'user':
+ elif arg_type == 'user':
 msignals.display(m18n.n('users_available'))
 for user in user_list(auth)['users'].keys():
 msignals.display("- {}".format(user))
+ elif arg_type == 'password':
+ msignals.display(m18n.n('good_practices_about_user_password'))
+
+
 try:
 input_string = msignals.prompt(ask_string, is_password)
 except NotImplementedError:
diff --git a/src/yunohost/settings.py b/src/yunohost/settings.py
index cff82cb68..d2526316e 100644
--- a/src/yunohost/settings.py
+++ b/src/yunohost/settings.py
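Review bot: The new `elif arg_type == 'password'` branch in app.py only displays the good-practice hint; nothing visible in the hunk checks the value returned by `msignals.prompt` against the password policy. Unless such a check exists further down `_parse_action_args_in_yunohost_format` (the function continues outside the hunk), an app argument can still carry a password shorter than the hint states. If the hint is meant to be binding, validate after the prompt with the validator from `src/yunohost/utils/password.py`, e.g. `PasswordValidator('user').validate(input_string)`, assuming the constructor takes the profile name. The two added blank lines before `try:` are stray; one is enough inside a function body.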
@@ -36,8 +36,8 @@ DEFAULTS = OrderedDict([
 ("example.enum", {"type": "enum", "default": "a", "choices": ["a", "b", "c"]}),
 # Password Validation
- # -1 disabled, 0 alert if listed, 1 6-letter, 2 normal, 3 strong, 4 strongest
- ("security.password.admin.strength", {"type": "int", "default": 2}),
+ # -1 disabled, 0 alert if listed, 1 8-letter, 2 normal, 3 strong, 4 strongest
+ ("security.password.admin.strength", {"type": "int", "default": 1}),
 ("security.password.user.strength", {"type": "int", "default": 1}),
 ])
diff --git a/src/yunohost/utils/password.py b/src/yunohost/utils/password.py
index 97b397f2c..68e51056b 100644
--- a/src/yunohost/utils/password.py
+++ b/src/yunohost/utils/password.py
@@ -63,7 +63,7 @@ class PasswordValidator(object):
 self.validation_strength = int(settings[setting_key])
 except Exception as e:
 # Fallback to default value if we can't fetch settings for some reason
- self.validation_strength = 2 if profile == 'admin' else 1
+ self.validation_strength = 1
 def validate(self, password):
 """
@@ -89,7 +89,7 @@ class PasswordValidator(object):
 logger = logging.getLogger('yunohost.utils.password')
- status, msg = validation_summary(password)
+ status, msg = self.validation_summary(password)
 if status == "error":
 raise MoulinetteError(1, m18n.n(msg))
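Review bot: Changing the `security.password.admin.strength` default from 2 to 1 in settings.py removes the digit/upper/lower requirement (the `password_too_simple_2` message in locales/en.json) for the administration account. The hunk gives no reason why the most privileged account now shares the ordinary-user default. If length over composition is the intended policy, record it in the comment, e.g. `# admin and user both default to 1 (length >= 8 only); raise to 2+ to require mixed character classes`. `1 8-letter` would also read better as `1 at least 8 characters`, since the level checks length, not letters.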
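Review bot: The fallback `self.validation_strength = 1` in password.py repeats the settings.py default as a bare literal and sits under `except Exception as e:` with no log line. Any failure to read the settings therefore silently replaces an administrator-configured level 3 or 4 with level 1. Log before falling back, e.g. `logging.getLogger('yunohost.utils.password').warning("could not read %s, using strength 1", setting_key)`, and either drop the unused `as e` or include `e` in the message. `__init__` starts outside the hunk, so whether `setting_key` is always bound when the handler runs needs checking.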