Minimum number of password before reuse feature in Basic Password Services is allowing previous passwords

search cancel

Minimum number of password before reuse feature in Basic Password Services is allowing previous passwords

book

Article ID: 274092

calendar_today

Updated On:

Products

SITEMINDER CA Single Sign-On

Issue/Introduction

"Minimum number of password before reuse" is set to 6.

User will change password 6 times so the password history will have following 6 passwords history.
pass1
pass2
pass3
pass4
pass5
pass6

When users try to change password again in reverse order (ex. attempt change password to pass5 --> pass4 --> pass3 --> pass2 --> pass1 to see how many passwords in the history will be rejected) and users will be able to change to pass3 although 6 passwords in the history should be rejected.

When a new password policy with same setting is created, that works as expected.

Environment

Release : 12.8.x

Cause

This password policy was created long ago and lacks several elements in its object structure.

Resolution

Delete and recreate the Password Policy to ensure the Password Policy has all the required elements.

Feedback

thumb_up Yes

thumb_down No