Fix some ZKP password issues, a=chris

diff --git a/src/controllers/components/AccountaccessComponent.php b/src/controllers/components/AccountaccessComponent.php
index 0d1c9b189..1c599adcd 100644
--- a/src/controllers/components/AccountaccessComponent.php
+++ b/src/controllers/components/AccountaccessComponent.php
@@ -162,11 +162,16 @@ class AccountaccessComponent extends Component
         $arg = (isset($_REQUEST['arg'])) ? $_REQUEST['arg'] : "";
         switch ($arg) {
             case "updateuser":
-                if (isset($_REQUEST['new_password']) &&
-                    strlen($_REQUEST['new_password']) > C\LONG_NAME_LEN) {
-                    return $parent->redirectWithMessage(
-                        tl('accountaccess_component_passwords_too_long'),
-                        ["edit", "edit_pass"]);
+                if (isset($_REQUEST['new_password']) ) {
+                    $pass_len = strlen($_REQUEST['new_password']);
+                    if ($pass_len > C\ZKP_PASSWORD_LEN ||
+                        (C\AUTHENTICATION_MODE != C\ZKP_AUTHENTICATION &&
+                            $pass_len > C\LONG_NAME_LEN
+                        )) {
+                        return $parent->redirectWithMessage(
+                            tl('accountaccess_component_passwords_too_long'),
+                            ["edit", "edit_pass"]);
+                    }
                 }
                 if (isset($data['EDIT_PASSWORD']) &&
                     (!isset($_REQUEST['retype_password']) ||
@@ -337,9 +342,13 @@ class AccountaccessComponent extends Component
         $data['PAGING'] = "";
         if (isset($_REQUEST['arg']) &&
             in_array($_REQUEST['arg'], $possible_arguments)) {
+            $pass_len = (isset($_REQUEST['new_password'])) ?
+                strlen($_REQUEST['new_password']) : 0;
             switch ($_REQUEST['arg']) {
                 case "adduser":
-                    if (strlen($_REQUEST['password']) > C\LONG_NAME_LEN) {
+                    if ($pass_len > C\ZKP_PASSWORD_LEN ||
+                        (C\AUTHENTICATION_MODE != C\ZKP_AUTHENTICATION &&
+                            $pass_len > C\LONG_NAME_LEN )) {
                         return $parent->redirectWithMessage(
                             tl('accountaccess_component_passwords_too_long'),
                             $request_fields);
@@ -365,7 +374,7 @@ class AccountaccessComponent extends Component
                         if (C\AUTHENTICATION_MODE == C\ZKP_AUTHENTICATION) {
                             $zkp_password =
                                 substr($parent->clean($_REQUEST['password'],
-                                    "string"), 0, ZKP_PASSWORD_LEN);
+                                    "string"), 0, C\ZKP_PASSWORD_LEN);
                         } else {
                             $norm_password =
                                 substr($parent->clean($_REQUEST['password'],