diff -u password_reset/password_reset.admin.inc password_reset_mod2/password_reset.admin.inc
--- password_reset/password_reset.admin.inc     2009-02-28 07:34:26.000000000 +0000
+++ password_reset_mod2/password_reset.admin.inc        2009-10-06 15:56:40.000000000 +0000
@@ -32,12 +32,20 @@
     '#description' => t("Example: 'What is your library card number?' or 'What is your mother's maiden name?'."),
     '#required' => TRUE
   );
+  $form['min_answer_length'] = array(
+    '#type' => 'textfield',
+    '#title' => t('Minimum answer length'),
+    '#maxlength' => 4,
+    '#description' => t("Example: 10. Enter 0 for no minimum length."),
+    '#required' => TRUE
+  );

   $form['submit'] = array('#type' => 'submit', '#value' => t('Add question'));

   if (arg(3) == 'edit' && isset($qid)) {
     $question = db_fetch_array(db_query("SELECT * FROM {password_reset} WHERE qid = %d", $qid));
     $form['question']['#default_value'] = $question['question'];
+    $form['min_answer_length']['#default_value'] = $question['min_answer_length'];
     $form['qid'] = array('#type' => 'value', '#value' => $question['qid']);
     $form['submit']['#value'] = t('Update question');
   }
diff -u password_reset/password_reset.install password_reset_mod2/password_reset.install
--- password_reset/password_reset.install       2008-03-30 21:39:46.000000000 +0000
+++ password_reset_mod2/password_reset.install  2009-10-06 16:43:35.000000000 +0000
@@ -37,6 +37,13 @@
         'default' => '',
         'description' => t('Question text.')
       ),
+      'min_answer_length' => array(
+        'type' => 'int',
+        'unsigned' => TRUE,
+        'not null' => TRUE,
+        'default' => 0,
+        'description' => t('Minimum length for answer.')
+      ),
     ),
     'primary key' => array('qid')
   );
@@ -71,6 +78,16 @@
   return $schema;
 }

+function password_reset_update_1() {
+  db_add_field($ret, 'password_reset', 'min_answer_length', array(
+    'type' => 'int',
+    'unsigned' => TRUE,
+    'not null' => TRUE,
+    'default' => 0,
+    'description' => t('Minimum length for answer.')));
+  return $ret;
+}
+
 /**
  * Implementation of hook_uninstall().
  */
diff -u password_reset/password_reset.module password_reset_mod2/password_reset.module
--- password_reset/password_reset.module        2009-02-28 07:34:26.000000000 +0000
+++ password_reset_mod2/password_reset.module   2009-10-06 16:41:44.000000000 +0000
@@ -234,6 +234,15 @@
         unset($edit['password_reset']);
       }
       break;
+    case 'validate':
+      if (isset($edit['password_reset'])) {
+        if ($question = password_reset_question_get($edit['password_reset']['question'])) {
+          if ($question->min_answer_length > strlen(trim($edit['password_reset']['answer']))) {
+            form_set_error('password_reset][answer', t('Answer too short. This question needs an answer with at least %length characters.', array('%length' => $question->min_answer_length)));
+          }
+        }
+      }
+      break;
     case 'delete':
       db_query('DELETE FROM {password_reset_users} WHERE uid = %d', $account->uid);
       break;
@@ -255,6 +264,14 @@
 }

 /**
+ * Retrieve one question by id.
+ */
+function password_reset_question_get($qid) {
+  $result = db_query('SELECT * FROM {password_reset} pr WHERE pr.qid = %d', $qid);
+  return $result ? db_fetch_object($result) : FALSE;
+}
+
+/**
  * Add / update a security question.
  *
  * @param Array $question