Password Policy: Enforce Password History

Configuring Vista password policy settings

This security setting determines the number of unique new passwords that have to be associated with a user account before an old password can be reused. The value must be between 0 and 24 passwords.

The Reason Behind the Number of Passwords

This policy enables enhanced security by ensuring that old passwords are not simply reused every time a user is required to periodically change or update their password.


Default values:

  • 24 on domain controllers
  • 0 on stand-alone servers

By default, PCs on a network domain follow the configuration of their domain controllers.

Enforce Password History should be used in conjunction with the Minimum Password Age policy setting. Otherwise, users can create password after password in immediate succession to bypass the Enforce Password History setting and reuse an old password sooner.
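The check below is an added example, not part of the original article: it reads `PasswordHistorySize` and `MinimumPasswordAge` from the `[System Access]` section of a template exported with `secedit /export /cfg` and reports the shortest time in which an old password could come back into use. The sample template and the function name are constructed for illustration, and a missing key is assumed to mean 0.

```python
import configparser

# Constructed sample: the relevant part of a `secedit /export /cfg` template.
SAMPLE_INF = """\
[Unicode]
Unicode=yes
[System Access]
MinimumPasswordAge = 0
MaximumPasswordAge = 42
PasswordHistorySize = 24
[Version]
signature="$CHICAGO$"
"""

def audit_password_history(inf_text):
    """Return (history, min_age_days, reuse_floor_days, findings)."""
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    parser.optionxform = str  # keep the exported key names case-sensitive
    parser.read_string(inf_text)
    if not parser.has_section("System Access"):
        raise ValueError("template has no [System Access] section")
    access = parser["System Access"]
    # Assumption: a key that is absent from the export is treated as 0.
    history = int(access.get("PasswordHistorySize", "0"))
    min_age = int(access.get("MinimumPasswordAge", "0"))

    findings = []
    if not 0 <= history <= 24:
        findings.append(f"PasswordHistorySize={history} is outside the 0-24 range")
    if history == 0:
        findings.append("PasswordHistorySize=0: old passwords can be reused at once")
    elif min_age == 0:
        findings.append("MinimumPasswordAge=0: the history of "
                        f"{history} passwords can be cycled through in one sitting")

    # Each of the `history` new passwords must be kept for `min_age` days,
    # so this is the shortest time before an old password is accepted again.
    reuse_floor_days = history * min_age
    return history, min_age, reuse_floor_days, findings

if __name__ == "__main__":
    print(audit_password_history(SAMPLE_INF))
```

Exported templates are usually UTF-16 encoded, so open the file with `encoding="utf-16"` before passing its text to the function.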