The issue of users continuously using tools to change passwords on the website
Currently, the tech-savvy users in our company are using tools to exploit our website's Change Password feature to revert to old passwords. We have implemented a restriction disallowing the reuse of the last 10 passwords. However, users have been using these tools to rapidly change their password 10 times and then revert to their original password, which poses a security risk to our company.
I kindly request the admin to consider adding additional restrictions to the Change Password feature to prevent users from using tools to circumvent our password policies.
For example: Allow users to change their password only 3 times within a month
New to ADSelfService Plus?