Users currently have the ability of keeping their old passwords indefinitely by using the password reset portal to initially change the password then put it back to the old password. I would like to see an option on the password policy to retain history of the hashed passwords and a minimum amount of time the user has to wait between password changes.
Thanks for the feedback. We already have this logged as a feature request. Once this is available it will be included in future releases of our service.