A recent review of accounts on various systems has found that after employees’ passwords are required tochange they are recycling the same password as before. Which of the following policies should be enforced to
prevent this from happening? (Choose two.)
Minimum password age
E: Password history determines the number of previous passwords that cannot be used when a user changes
his password. For example, a password history value of 5 would disallow a user from changing his password to
any of his previous 5 passwords.
B: When a user is forced to change his password due to a maximum password age period expiring, he could
change his password to a previously used password. Or if a password history value of 5 is configured, the user
could change his password six times to cycle back round to his original password. This is where the minimum
password age comes in. This is the period that a password must be used for. For example, a minimum
password age of 30 would determine that when a user changes his password, he must continue to use the
same password for at least 30 days.