Don't reuse old passwords in password change processs
Posted: Mon May 29, 2023 8:07 pm
Hi,
I would like to add functionality to the process of changing the password by the user after it has expired. When changing, old passwords should not be reused. To achieve this, I've come up with the idea of storing the hashed passwords in a table and, when the password is changed, checking that the new password doesn't exist among the user's last four.
Now, I really don't know where in PHPMaker's events to make this check.
Has anyone already implemented this feature?