IMHO there shouldn't be a password length check on log-in form (it can remain on registration form) because it prevents user from logging in if one has short password (and policy is not defined on the server hence it's possible to sign up with such password)