diff --git a/pom.xml b/pom.xml
index cada5462..33ba0c8a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -126,6 +126,7 @@
     <dependency>
       <groupId>org.jenkins-ci.plugins</groupId>
       <artifactId>credentials</artifactId>
+      <version>1378.v81ef4269d764</version>
     </dependency>
     <dependency>
       <groupId>org.jenkins-ci.plugins</groupId>
diff --git a/src/main/java/hudson/plugins/emailext/MailAccount.java b/src/main/java/hudson/plugins/emailext/MailAccount.java
index f8d3c240..86491f68 100644
--- a/src/main/java/hudson/plugins/emailext/MailAccount.java
+++ b/src/main/java/hudson/plugins/emailext/MailAccount.java
@@ -309,12 +309,19 @@ private void migrateCredentials() {
         if (StringUtils.isBlank(credentialsId)) {
             // If we couldn't find any existing credentials,
             // create new credentials with the principal and secret and use it.
-            final StandardUsernamePasswordCredentials newCredentials = new UsernamePasswordCredentialsImpl(
-                    CredentialsScope.GLOBAL,
-                    null,
-                    "Migrated from email-ext username/password",
-                    smtpUsername,
-                    smtpPassword.getPlainText());
+            final StandardUsernamePasswordCredentials newCredentials;
+            try {
+                newCredentials = new UsernamePasswordCredentialsImpl(
+                        CredentialsScope.GLOBAL,
+                        null,
+                        "Migrated from email-ext username/password",
+                        smtpUsername,
+                        smtpPassword.getPlainText());
+            } catch (Descriptor.FormException e) {
+                // safe to ignore as too short password should happen only in FIPS mode
+                // and migrating from no FIPS to FIPS is not supported, but only fresh start
+                throw new RuntimeException(e);
+            }
             SystemCredentialsProvider.getInstance().getCredentials().add(newCredentials);
             credentialsId = newCredentials.getId();
         }
diff --git a/src/test/java/hudson/plugins/emailext/MailAccountFIPSTest.java b/src/test/java/hudson/plugins/emailext/MailAccountFIPSTest.java
index 08f68a60..092b81fe 100644
--- a/src/test/java/hudson/plugins/emailext/MailAccountFIPSTest.java
+++ b/src/test/java/hudson/plugins/emailext/MailAccountFIPSTest.java
@@ -68,12 +68,16 @@ public void testIsValidAuthConfigAndTLS() {
     }
 
     @Test
-    public void testFormValidationForInsecureAuth() {
+    public void testFormValidationForInsecureAuth() throws Exception {
         final String validCredentialId = "valid-id";
         SystemCredentialsProvider.getInstance()
                 .getCredentials()
                 .add(new UsernamePasswordCredentialsImpl(
-                        CredentialsScope.GLOBAL, validCredentialId, "description", "username", "password"));
+                        CredentialsScope.GLOBAL,
+                        validCredentialId,
+                        "description",
+                        "username",
+                        "password-must-be-longer-for-fips"));
 
         MailAccountDescriptor mad = (MailAccountDescriptor) Jenkins.get().getDescriptor(MailAccount.class);
 
diff --git a/src/test/java/hudson/plugins/emailext/MailAccountTest.java b/src/test/java/hudson/plugins/emailext/MailAccountTest.java
index 126bfb6b..8cbfb2b4 100644
--- a/src/test/java/hudson/plugins/emailext/MailAccountTest.java
+++ b/src/test/java/hudson/plugins/emailext/MailAccountTest.java
@@ -118,7 +118,7 @@ public void testUpgradeDuringCredentialsGetter() {
     }
 
     @Test
-    public void testFormValidationForInsecureAuth() {
+    public void testFormValidationForInsecureAuth() throws Exception {
         final String validCredentialId = "valid-id";
         SystemCredentialsProvider.getInstance()
                 .getCredentials()