>We had a discussion recently in the team about the length of what a password should be. Some would say the longest is the better. Well, while this may be good as an answer, I would be curious to know, before encryption, what is the length you usually have in your application for the member's table password.

The trade-off is password strength vs. ease of use. Obviously a longer password is more robust, especially if a combination of letters, numbers, and special characters is required. (That's a good idea anyway IMO). But as a user I hate having to type in a long password every time I use an application. The "sweet spot" for me is 8 characters.