Your password (the string of character you input on your computer) can be as long (within reason) or short as you want but generally passwords should be at least 8-10 alphanumeric characters, and should not be anything that can be guessed with enough information (eg, birthday, famous date, person's name).
We do not enforce any minimum password/PIN length on BC Vault! You can even choose to use no global/wallet password/PIN at all, but in that case you data will not be protected well against 3rd parity! Always be sure to at minimum use at least password or PIN (global or wallet)!
Also read: How long should my password/PIN be?
Also read: Password hints