Symptom
When the mobile feature Mobile Security > Mobile App Password > Settings > Enable Password History Policy is turn on. Users are able to reuse previous 5 passcodes
Environment
SAP SuccessFactors HXM Suite
Reproducing the Issue
Enable the Mobile feature
Mobile Security > Mobile App Password > Settings > Enable Password History Policy
Install the SF mobile app and activate - after login you will be prompted to set your passcode
Once set > logout and back in - when prompted to enter you passcode > instead select the forgot password option
You will need to enter your SF credentials to verify yourself and then you will be asked to set your new mobile passcode
Set the same passcode as previous used
System allows you to set the same passcode - despite the option "Enable Password History Policy" (Note: Password History Policy rejects passwords that are identical to the 5 recently used passwords. It is not possible to use it with Biometric Support.)
Cause
This is expected as the mobile password history policy only applies when the passcode expires
It does not apply when the user selects "forgot password"
It does not apply if the user uninstalls and re-installs the mobile app
Resolution
This is expected as the mobile password history policy only applies when the passcode expires
It does not apply when the user selects "forgot password"
It does not apply if the user uninstalls and re-installs the mobile app
Keywords
Enable Password History Policy, Mobile Security, Mobile Password, Mobile Passcode , KBA , LOD-SF-PLT-MOB , Mobile Issues , Problem