My company wants me to set “enforce password history” to 1 password remembered on the windows servers. The users want to switch back and forth between 2 passwords. I know this is not “best practice” and I do not agree with this. I need to make a case why we should not do this. Any suggestions would be appreciated. Thank You.
