Most people likely hate me on this newsgroup (because most people are
morons who hate that I debunk all their myths - IMHO); but I strive to help
people who ask questions by testing out those questions on my phone.

So I tested it... using my Galaxy A32-5G T-Mobile, USA, Android 13.
1. Settings > Connections > Mobile hotspot and tethering > Mobile Hotspot
2. Turning that on said the following warming:
Mobile Hotspot may not be available
You're connected to a 5GHz Wi-Fi network using Wi-Fi sharing.
Some devices don't support 5GHz networks. If you have any trouble
connecting to your Mobile Hotspot from another device, try turning
off Wi-Fi sharing. [OK]
3. Longpressing on the now-turned-on "Mobile Hotspot" on/off setting brings
up an Android activity asking for the Network name, Password, Band,
and then an option to configure "Auto Hotspot" and a listing of
"Connected Devices" along with a QR code and Help-link icon.

The Password is set to "None" as it was previously configured when my WISP
Internet had gone out so I know it accepts no password by pressing
"Configure", which brings up a form with a few items on it as expected.
Network name = myphone_nomap
Band = 2.4GHz
Security = Open
Maximum connections = 5
Set mobile data limit = unset
Turn off when no device connected for = 10 minutes
Broadcast network name (SSID) = off
Protected Management Frames = on
Wi-Fi sharing = on

But again, while people hate me for giving them facts, I do try very much
to help people (even those who hate me), so I will try to set the password.

The choices for security are:
None
WPA2-Personal
WPA2/WPA3-Personal
WPA3-Personal

I set it to WPA2-Personal and entered 1 as the password, but as you noted,
it said in red "Enter password of at least 8 characters" which I then set
to 12345678 and it took that.
If you're a greenhorn, then you will not be able to set up your phone (or
anything, for that matter, not even a router) for privacy. It takes time.
The best way to get a high degree of control over a cellphone is to root
it, but I suspect one out of 10,000 people roots their Android phones.
My advice is for you to do one very important thing for privacy, which is
to press the "SKIP" button when the phone asks you to set up a Google
Account on that phone.

This advice is for privacy.
Do you read the news? There must be thousands of articles about this over
the years, and even scores of them due to recent issues with how Apple is
throwing the privacy of all Android users under the bus due to it.

Whatg's App's solution?
heh heh heh ... add "_nomap" to the end of your SSID.
<https://www.macworld.com/article/2343297/apple-wi-fi-network-wps-vulnerability-location-services-leak.html>
I don't even know what that question is asking, but here's more about how
Apple recently threw everyone under the bus who didn't add the "_nomap".

[https://www.theregister.com/2024/05/23/apple_wifi_positioning_system/]
"The threat applies even to users that do not own devices for which the
WPSes are designed - individuals who own no Apple products, for instance,
can have their AP in Apple's WPS merely by having Apple devices come
within
Wi-Fi transmission range."

<https://www.cs.umd.edu/~dml/papers/wifi-surveillance-sp24.pdf>
In this work, we show that Apples WPS implementation can easily
be abused to create a serious privacy threat on a global scale.

[https://9to5mac.com/2024/05/24/apple-location-services-vulnerability/]
"There is one crucial difference between the way in which
Apple and Google devices carry out this task
and that's exactly where the privacy issue arises."

[https://www.macworld.com/article/2343297/apple-wi-fi-network-wps-vulnerability-location-services-leak.html]
"Researchers have discovered a crucial vulnerability in the way
only Apple's location services work"

[https://www.govinfosecurity.com/surveillance-risk-apples-wifi-based-positioning-system-a-25330]
"The attack risk stems from Apple's WiFi-based Positioning System, or WPS"

[https://9to5mac.com/2024/05/24/apple-location-services-vulnerability/]
"We need to understand Apple devices figure out locations differently"

[https://securityboulevard.com/2024/05/apple-wi-fi-location-privacy-richixbw/]
"An unrestricted Apple API endpoint allows for easy tracking."


[https://cybernews.com/privacy/apple-beams-wifi-location-data-privacy-risk/]
"Anyone can exploit Apple's flawed WiFi-based positioning system (WPS)*

[https://arxiv.org/abs/2405.14975]
"In this work, we show that Apple's flawed WPS can too easily be abused"


<https://cyberinsider.com/apples-wi-fi-based-positioning-system-is-a-privacy-nightmare/>
""
<https://www.bizcommunity.com/article/apple-may-have-turned-wi-fi-routers-into-a-privacy-threat-239637a>
"Researchers from the University of Maryland have uncovered a
significant privacy vulnerability in Apple's Wi-Fi-based
Positioning System (WPS). This vulnerability enables attackers
to track devices globally by exploiting the way Apple's WPS
operates, raising serious privacy concerns."

<https://www.bizcommunity.com/article/apple-may-have-turned-wi-fi-routers-into-a-privacy-threat-239637a>
"Researchers from the University of Maryland have uncovered a
significant privacy vulnerability in Apple's Wi-Fi-based
Positioning System (WPS). This vulnerability enables attackers
to track devices globally by exploiting the way Apple's WPS
operates, raising serious privacy concerns."

<https://cyberinsider.com/apples-wi-fi-based-positioning-system-is-a-privacy-nightmare/>
*Apple's Wi-Fi-Based Positioning System is a Privacy Nightmare*
"Researchers from the University of Maryland have uncovered a
significant privacy vulnerability in Apple's Wi-Fi-based Positioning
System (WPS). This vulnerability enables attackers to track devices
globally by exploiting the way Apple's WPS operates, raising
serious privacy concerns."

In summary, people hate me because I tell them things they don't want to
understand, where I hope you at least appreciate I'm trying to help you.