The HISTORY parameter in the /etc/default/passwd file prevents users from using similar passwords with the HISTORY value.
If MINWEEKS is set to 3 and HISTORY is set to 10, passwords cannot be reused for 10 months.
# pfedit /etc/default/passwd . . . #Compliance to the PCI-DSS benchmark is 10 #HISTORY=0 HISTORY=10 MINDIFF=4 MINDIGIT=1 MINUPPER=1 MINWEEKS=3 MAXWEEKS=13
# pfedit /etc/default/login . . . # Compliance edit #PASSLENGTH=6 PASSLENGTH=14 . . .