Unlimited history password

Thanks for the feedback ;D @planedrop

1 Like

Hello All,

A larger password history would be useful if someone were to update/generate a new password field X times which cleared out the old password.

Though unlikely it could still be useful. I think rather than it being unlimited for everyone, making this available as a policy and allowing the admin to set the limit would be better. Alternatively, making it so you can pull the data via an individualized password history ‘audit’ report or something.


Someone could merge all posts about unlimited history here. is an idea, whoever is interested, it would be a good idea. ;D

I can’t tell you how many times I’ve been afraid of loosing my current password when I use the password generator to update an account’s password, but the site keeps rejecting the newly generated password (without listing password requirements or indicating what I’m doing wrong - too many characters, unacceptable special characters, etc.)


I suggest merging this into Unlimited history password, which has more votes.

Not commenting on keeping password history as a matter of personal preference but on this:

Well, I hope I never get to deal with any of those places. I believe I have avoided them so far.

By that account, “strict security” means a person can break into an account or falsely identify themselves by using any password you ever used there. Multiple possible entry points, unlimited time, weakest point can be attacked. Most people’s older passwords are weaker than their newer ones, unsurprisingly. Gives a whole new payoff to harvesting.

As a personal option I have no difficulty with the proposal, so long as no significant commercial entity decides such “strict security” is a good idea on their side. :slight_smile: