We are on Sugar 14.0.1 Enterprise on-site.
We have set user passwords to expire after 90 days (see screenshot). This is working. However, the user can simply set their new password to be the exact password as their current one. This seems to defeat the purpose. I'm not seeing a setting to disallow using the previous password. I've looked everywhere in the Admin settings and there is no mention to this in the documentation. Is there a way to prevent users from reusing their passwords?
