2
Allow for a configuration option of minimum password age for how long a worker password must be used before it can be changed by the worker again.
This follows best practice as specified for Windows: https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/minimum-password-age
From that page...
"Setting the number of days to 0 allows immediate password changes, which is not recommended. Combining immediate password changes with password history allows someone to change a password repeatedly until the password history requirement is met and re-establish the original password again. For example, suppose a password is "Ra1ny day!" and the history requirement is 24. If the minimum password age is 0, the password can be changed 24 times in a row until finally changed back to "Ra1ny day!". The minimum password age of 1 day prevents that."
This follows best practice as specified for Windows: https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/minimum-password-age
From that page...
"Setting the number of days to 0 allows immediate password changes, which is not recommended. Combining immediate password changes with password history allows someone to change a password repeatedly until the password history requirement is met and re-establish the original password again. For example, suppose a password is "Ra1ny day!" and the history requirement is 24. If the minimum password age is 0, the password can be changed 24 times in a row until finally changed back to "Ra1ny day!". The minimum password age of 1 day prevents that."
STATUS DETAILS
Needs Votes
Administrator on 1/3/2023 6:35:24 AM
Thank you for the feature suggestion! We will monitor the votes and feedback here to determine its consideration and prioritization. - Boyce Zhu, Principal Product Manager, Dynamics 365 Commerce