diff --git a/seahub/templates/sysadmin/settings.html b/seahub/templates/sysadmin/settings.html
index 67e8e98b1a..aac1cc2e57 100644
--- a/seahub/templates/sysadmin/settings.html
+++ b/seahub/templates/sysadmin/settings.html
@@ -53,7 +53,7 @@
         {% include "snippets/web_settings_form.html" %}
     {% endwith %}
 
-    {% with type="input" setting_display_name="password strength level" help_tip="The level of an account password's strength." setting_name="USER_PASSWORD_STRENGTH_LEVEL" setting_val=config_dict.USER_PASSWORD_STRENGTH_LEVEL %}
+    {% with type="input" setting_display_name="password strength level" help_tip="The level(1-4) of an account password's strength. For example, '3' means password must have at least 3 of the following: num, upper letter, lower letter and other symbols" setting_name="USER_PASSWORD_STRENGTH_LEVEL" setting_val=config_dict.USER_PASSWORD_STRENGTH_LEVEL %}
         {% include "snippets/web_settings_form.html" %}
     {% endwith %}
     </div>
diff --git a/seahub/views/sysadmin.py b/seahub/views/sysadmin.py
index 0f9461e38e..90f10a9c80 100644
--- a/seahub/views/sysadmin.py
+++ b/seahub/views/sysadmin.py
@@ -1690,6 +1690,11 @@ def sys_settings(request):
             else:
                 result['error'] = _(u'Invalid value')
                 return HttpResponse(json.dumps(result), status=400, content_type=content_type)
+
+            if key == 'USER_PASSWORD_STRENGTH_LEVEL' and value not in (1,2,3,4):
+                result['error'] = _(u'Invalid value')
+                return HttpResponse(json.dumps(result), status=400, content_type=content_type)
+
         else:
             if key not in STRING_WEB_SETTINGS:
                 result['error'] = _(u'Invalid value')