The new [[Special:ChangeCredentials]] implementation of password change has the Cancel button broken, as it causes UI validation, forcing you to enter the new password and retype before you cancel. (Also, the Cancel button POSTs the form, causing Firefox to offer to save those passwords which I needed to enter.)
The validation message is probably caused by HTML validation by browser (tested on Firefox 46.0.1 on Windows).
(Also, shouldn’t a password change require the current password?)