R129. Validate previous passwords
This document contains the details of the security requirements related to the definition and management of user credentials in the organization. This requirement establishes the importance of validating passwords changes to ensure that the new passwords do not match previous user passwords.
The system must not allow password changes for a user if the new password matches one of the previous 5 passwords for the same user.