Cross-Profile password reuse restrictions for Strong Authentication

Article ID: 424324

Products

- CA Strong Authentication
- CA Advanced Authentication - Strong Authentication (AuthMinder / WebFort)
- CA Advanced Authentication

Issue/Introduction

An organization uses two separate password authentication profiles—one for Login and one for Transaction—each with its own password policy that prevents reuse of the last three passwords.

Is it possible to enforce a cross-profile password history rule so that:
- A user should not be allowed to set a Transaction password that was used recently (within the last 3 passwords) as a Login password.
- Similarly, a user should not be allowed to set a Login password that was used recently in the Transaction profile.
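
The cross-profile rule asked about above, sketched in Python as an added illustration; it is not the product's or the hotfix's implementation. The `PasswordHistory` class, the PBKDF2 parameters, and the assumption that each profile's history includes its current password are choices made for this sketch.

```python
import hashlib
import hmac
import os
from collections import deque

HISTORY_DEPTH = 3                    # "last three passwords", per the article
PROFILES = ("Login", "Transaction")  # the two profiles named in the article
PBKDF2_ROUNDS = 50_000               # assumed work factor for this sketch


def _digest(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)


class PasswordHistory:
    """One user's recent salted password hashes, kept per profile (hypothetical store)."""

    def __init__(self):
        self._recent = {p: deque(maxlen=HISTORY_DEPTH) for p in PROFILES}

    def _matches(self, profile: str, candidate: str) -> bool:
        # Every entry has its own salt, so stored hashes cannot be compared with
        # each other; the candidate is re-hashed under each entry's salt instead.
        return any(hmac.compare_digest(_digest(candidate, salt), stored)
                   for salt, stored in self._recent[profile])

    def check(self, profile: str, candidate: str):
        """Return (allowed, reason) for setting `candidate` on `profile`."""
        if profile not in PROFILES:
            raise ValueError(f"unknown profile: {profile}")
        for other in PROFILES:  # the target profile and the other one alike
            if self._matches(other, candidate):
                kind = "same-profile" if other == profile else "cross-profile"
                return False, f"{kind} reuse: matches a recent {other} password"
        return True, "ok"

    def set_password(self, profile: str, candidate: str):
        """Apply the check and record the new hash only when it passes."""
        allowed, reason = self.check(profile, candidate)
        if allowed:
            salt = os.urandom(16)
            self._recent[profile].append((salt, _digest(candidate, salt)))
        return allowed, reason
```

Because the check runs at the moment the new password is submitted in clear text, it works against salted one-way hashes and needs no reversible storage of old passwords.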

Environment

Symantec Strong Authentication 9.1.5.1

Resolution

To address this, apply the patch Symantec-AdvAuth-9.1.5.1-DE651761-HotFix. The patch can also be downloaded from this KB article.

Attachments

CROSS_PROFILE_PASSWORD_VALIDATION.txt
Symantec-AdvAuth-9.1.5.1-DE651761-HotFix.zip
Symantec-AdvAuth-9.1.5.1-DE651761-HotFix-Linux.zip