Hi, In our IDN when a user tries to change a password, we have found that they can still enter their previous password which gets accepted and same old password getting set as new password.
Could you please suggest what we can do in password change URL - https://tenantname.identitynow.com/r/default/reset-password, so that on click on change password button it should get last 7 password and new password should not be from those 7 password.
While ISC has password policies about the construction of a password, it does directly support password history. You will need to configure Pass-Through Authentication to your Active Directory source. Then when the user attempts to change their password, it will be sent to ISC and Active Directory at the same time allowing feedback from the AD policy and password history.
Hi Alicia,
Thanks for your response. We have PTA configured in our AD service. There is one point I would like to add in this use case-
if we change pwd with our own ID directly in AD, policy will be checked, but through IDN we are doing a reset with service account which is an admin id. I think this is a case with password change in AD using admin account.