Required Difference in Passwords (QPWDRQDDIF)

The Required Difference in Passwords (QPWDRQDDIF) system value controls whether the password must be different from previous passwords.

This value provides additional security by preventing users from specifying passwords that were used previously. It also prevents a user whose password has expired from changing it and then immediately changing it back to the old password.

Note: The value of the QPWDRQDDIF system value determines how many of these previous passwords are checked for a duplicate password. This system value is a restricted value. See Security system values for details on how to restrict changes to security system values and a complete list of the restricted system values.
Table 1. Possible values for the QPWDRQDDIF system value:
Value Number of previous passwords checked for duplicates
0 0 Duplicate passwords are allowed.
1 32
2 24
3 18
4 12
5 10
6 8
7 6
8 4

Recommended value: Select a value of 5 or less to prevent the use of repeated passwords. Use a combination of the Required Difference in Passwords (QPWDRQDDIF) system value and the Password Expiration Interval (QPWDEXPITV) system value to prevent a password from being reused for at least 6 months. For example, set the QPWDEXPITV system value to 30 (days) and the QPWDRQDDIF system value to 5 (10 unique passwords). This means a typical user, who changes passwords when warned by the system, will not repeat a password for approximately 9 months.