R129. Validate previous passwords


The system must not allow password changes for a user if the new password matches one of the previous 5 passwords for the same user.


  1. PCI DSS v3.2.1 - Requirement 8.2.5 Do not allow an individual to submit a new password/passphrase that is the same as any of the last four passwords/passphrases he or she has used.

Copyright © 2021 Fluid Attacks, We hack your software. All rights reserved.