by waqf 4347 days ago
Not necessarily — if you require the user to type in "old password" and "new password" when they change their password then you have both passwords in cleartext at once and can check for similarity.

You wouldn't be able to enforce "cannot be similar to the previous 8 passwords" like that, but they don't.