Enforce password history

Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy

Description

Determines the number of unique new passwords that have to be associated with a user account before an old password can be reused. The value must be between 0 and 24 passwords.

By default, this setting is defined in the Default Domain Group Policy object (GPO) and in the local security policy of workstations and servers with a value of 1.

The intent of this policy is to enable administrators to enhance security by ensuring that old passwords are not continually reused.

Note

For history to be effective, do not allow passwords to be changed immediately when configuring the Minimum password age .