Reply to post: Re: Ahhh passwords...

Our hero returns home £500 richer thanks to senior dev's appalling security hygiene

the spectacularly refined chap

Re: Ahhh passwords...

One place I worked had password management which detected whether or not a password was too similar to a previous one. Not identical, similar. The only way I can think of making that work is to store the passwords in plain text somewhere....

It can be done without plain text storage; you can learn a lot by playing with what they will accept. When I've seen that in the past, the underlying logic hashed the first and second halves of the password separately, rejecting the new password if either half matches. That catches e.g. Password1 -> Password2 but fails on Password1 -> 1Password.
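The half-hash check described in the comment above, as an added example that is not part of the original post and not any vendor's code. The split point (integer midpoint), the per-record salt, PBKDF2-HMAC-SHA256 and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor, chosen for the demo


def _kdf(part: str, salt: bytes) -> bytes:
    """Salted slow hash of one password half."""
    return hashlib.pbkdf2_hmac("sha256", part.encode("utf-8"), salt, ITERATIONS)


def split_halves(password: str) -> tuple[str, str]:
    """Split at the integer midpoint (assumption: the post does not say
    how an odd-length password is divided)."""
    mid = len(password) // 2
    return password[:mid], password[mid:]


def make_record(password: str) -> dict:
    """History entry holding only the salt and the two half-hashes."""
    salt = os.urandom(16)
    first, second = split_halves(password)
    return {"salt": salt, "first": _kdf(first, salt), "second": _kdf(second, salt)}


def too_similar(new_password: str, history: list[dict]) -> bool:
    """Reject when the new first half equals an old first half, or the new
    second half equals an old second half. No plaintext is stored."""
    first, second = split_halves(new_password)
    for rec in history:
        same_first = hmac.compare_digest(_kdf(first, rec["salt"]), rec["first"])
        same_second = hmac.compare_digest(_kdf(second, rec["salt"]), rec["second"])
        if same_first or same_second:
            return True
    return False


if __name__ == "__main__":
    history = [make_record("Password1")]  # constructed sample history
    for candidate in ("Password2", "1Password"):
        verdict = "rejected" if too_similar(candidate, history) else "accepted"
        print(f"{candidate}: {verdict}")
```

Each stored value here covers only half of the password, so it protects a much shorter secret than a single hash of the whole password would; that is the cost of doing the similarity check this way.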
