When CBCI is in FIPS mode and configured to use an ldap server for authentication it should not allow users to login with short (<112 bit aka 14 character) passwords.

However a user is able to login as long as the ldap server says the password is ok.

CBCI should refuse to authenticate users when in FIPS mode whose passwords are shorter than 14 characters