Have tested changing the password multiple ways across multiple triggers and sure enough it simply refuses to update. Several other fields will update fine, but the password continues to generate with 12 characters regardless. Have debugged the user object and it is being updated with the 6 character password, but refuses to store.
Very strange. I suspect it's an issue with the password not being set to the Joomla user object that's in the CB user object. Sorry, don't have anything further to suggest. All I can recommend is informing your clients the importance of security of a 12 character password or opt to use non-randomly generated passwords.
Will see if the Field action can be improved further to support randomly generating a new password which maybe more reliable than doing so from a Code action.
forge.joomlapolis.com/issues/7340