diff --git a/app.py b/app.py
index c876ba6..0be527b 100644
--- a/app.py
+++ b/app.py
@@ -302,6 +302,9 @@ def signup():
     if not username or not password:
         return render_template("signup.html", error="Both username and password must be entered")
     
+    if len(username) < 10 or len(password) < 10:
+        return render_template("signup.html", error="Both username and password must be at least 10 characters long")
+    
     user = db.get_user_by_username(username)
     if user:
         return render_template("signup.html", error="User already exists")