A user can specify a password longer then 8 characters.
MAN pages states:
cisco-authentication secret Enables Cisco style authentication on NHRP packets. This embeds the secret plaintext password to the outgoing NHRP packets. Incoming NHRP packets on this interface are discarded unless the secret password is present. Maximum length of the secret is 8 characters.
Add proper validator to CLI