An administrator discovers that many users have used their same passwords for years even
though the network requires that the passwords be changed every six weeks. Which of the
following, when used together, would BEST prevent users from reusing their existing
password? (Select TWO).
A.
Length of password
B.
Password history
C.
Minimum password age
D.
Password expiration
E.
Password complexity
F.
Non-dictionary words
Why minimum password age and not maximum password age? Intuitively I think that forcing users to change their passwords after X time would fall under a maximum time frame.
I agree. it should be maximum age.
Configure the minimum password age to be more than 0 if you want Enforce password history to be effective. Without a minimum password age, users can cycle through passwords repeatedly until they get to an old favourite. So, it is right.
Why?
At your case — password history should prevent using same passwords again. Isn’t it?
Strange case.