diff --git a/app/provision/app_config.php b/app/provision/app_config.php
index cbe145ab6..3655927a7 100644
--- a/app/provision/app_config.php
+++ b/app/provision/app_config.php
@@ -72,6 +72,14 @@
 		$apps[$x]['default_settings'][$y]['default_setting_enabled'] = "false";
 		$apps[$x]['default_settings'][$y]['default_setting_description'] = "";
 		$y++;
+		$apps[$x]['default_settings'][$y]['default_setting_uuid'] = "885a43f9-eea2-4150-ba25-f576918880b3";
+		$apps[$x]['default_settings'][$y]['default_setting_category'] = "provision";
+		$apps[$x]['default_settings'][$y]['default_setting_subcategory'] = "password_http_auth_length";
+		$apps[$x]['default_settings'][$y]['default_setting_name'] = "numeric";
+		$apps[$x]['default_settings'][$y]['default_setting_value'] = "20";
+		$apps[$x]['default_settings'][$y]['default_setting_enabled'] = "true";
+		$apps[$x]['default_settings'][$y]['default_setting_description'] = "Set the length for generated http auth passwords.";
+		$y++;
 		$apps[$x]['default_settings'][$y]['default_setting_uuid'] = "c998c762-6a43-4911-a465-a9653eeb793d";
 		$apps[$x]['default_settings'][$y]['default_setting_category'] = "provision";
 		$apps[$x]['default_settings'][$y]['default_setting_subcategory'] = "http_auth_enabled";
diff --git a/core/domain_settings/resources/classes/domain_settings.php b/core/domain_settings/resources/classes/domain_settings.php
index ee79db594..6277cfa0b 100644
--- a/core/domain_settings/resources/classes/domain_settings.php
+++ b/core/domain_settings/resources/classes/domain_settings.php
@@ -231,6 +231,9 @@ class domain_settings {
 	public function copy($records) {
 		if (permission_exists($this->permission_prefix . 'add') && permission_exists('domain_select') && count($_SESSION['domains']) > 1) {
 
+			//define the global variables
+			global $settings;
+
 			//add multi-lingual support
 			$language = new text;
 			$text     = $language->get();
@@ -279,7 +282,7 @@ class domain_settings {
 
 							//set a random password for http_auth_password
 							if ($domain_setting_subcategory == "http_auth_password") {
-								$domain_setting_value = generate_password();
+								$domain_setting_value = generate_password(max(8, intval($settings->get('provision', 'password_http_auth_length', 20))));
 							}
 
 							//target is different domain, check if exists
@@ -360,7 +363,7 @@ class domain_settings {
 
 							//set a random password for http_auth_password
 							if ($domain_setting_subcategory == "http_auth_password") {
-								$domain_setting_value = generate_password();
+								$domain_setting_value = generate_password(max(8, intval($settings->get('provision', 'password_http_auth_length', 20))));
 							}
 
 							// check if exists