When changing passwords, it is best practice not to use the same password again. A password history must be maintained. Since do not know the password itself, the password hash is kept somewhere when setting a new local password and the new generated hash is tested against the old one.
- Make password history configurable (only for OpenOLAT login provider)
- 0 = not enabled
- n = keep n versions of old password to compare against
- Make sure LDAP password caching still works even when enabled for local passwords
The feature is only for local OpenOLAT passwords. It will not affect the LDAP, Shibboleth or oAuth authentication method. Also not affected is the WebDAV and any other internal passwords such as the iCal Feed password.
FX internal reporting: CL-870