diff --git a/install.sh b/install.sh
index 5606e59c..a2d2cdc8 100644
--- a/install.sh
+++ b/install.sh
@@ -1763,11 +1763,16 @@ create_admin_and_show_logins_success_message() {
        
     fi
 
-    if [ "$SET_ADMIN_PASSWORD" = true ]; then
-       new_password="${custom_password}"
-    else
-       new_password=$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 16)
-    fi
+	if [ "$SET_ADMIN_PASSWORD" = true ]; then
+	    if [[ "$custom_password" =~ ^[A-Za-z0-9]{6,16}$ ]]; then
+	        new_password="${custom_password}"
+	    else
+	        echo "Warning: custom_password is invalid (must be alphanumeric and 6–16 characters). Generating a secure password."
+	        new_password=$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 16)
+	    fi
+	else
+	    	new_password=$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 16)
+	fi
 
 
 	display_admin_status_and_logins() {