The system must not allow password changes for a user if the new password matches one of the previous 5 passwords for the same user.
PCI DSS v3.2.1 - Requirement 8.2.5 Do not allow an individual to submit a new password/passphrase that is the same as any of the last four passwords/passphrases he or she has used.
Corporate member of The OWASP Foundation
Copyright © 2021 Fluid Attacks, We hack your software. All rights reserved.
