If there were a data breach where a hacker could figure out the encryption algorithm, you don’t want users to reuse an older password because those older passwords could’ve already been cracked.
By the way, this is why you should also never use the same password for every site. If one of your passwords is leaked and linked to a similar username or email, everything is vulnerable. I’ve had this happen before (the Target breach). After that I started using SSO exclusively, with a random 16 char password manager if SSO isn’t an option (crossing my fingers that bitwarden doesn’t get hacked like LastPass)
I understand when you are prompted to change, but not when you aren’t. As I mentioned in another comment I remember Epic basically trolling me into resetting my password almost daily at some point
Why does this happen though? I always wondered why is it that a platform recognises your old password only when you are trying to change it
If there were a data breach where a hacker could figure out the encryption algorithm, you don’t want users to reuse an older password because those older passwords could’ve already been cracked.
By the way, this is why you should also never use the same password for every site. If one of your passwords is leaked and linked to a similar username or email, everything is vulnerable. I’ve had this happen before (the Target breach). After that I started using SSO exclusively, with a random 16 char password manager if SSO isn’t an option (crossing my fingers that bitwarden doesn’t get hacked like LastPass)
I understand when you are prompted to change, but not when you aren’t. As I mentioned in another comment I remember Epic basically trolling me into resetting my password almost daily at some point