# How does the 'percent different from last password' work ?

Document created by joydeepdasgupta on Apr 22, 2016Last modified by kristen.palazzolo on Dec 17, 2016
Version 2Show Document

Hi,

I need to understand how exactly does the 'percent different from last password' work in the password policies (under the Restrictions tab) ? Is there a math to work out the percentage difference between the previous & current password ?

Regards,

Joydeep

It's just doing a string compare of the characters.  If you set "Percent different from last password = 50", then if more than half of the characters in the new password are the same as the old password, then it will fail.  You can also choose to ignore the order of characters.

Specifies the percentage of characters a new password must contain that differ from characters in the previous password. If the value is set to 100, the new password may contain no characters that were in the previous password, unless Ignore sequence when checking for differences is set to 0. For examples of how this parameter works with Ignore sequence when checking for differences selected, see the following table."

Thanks.

I don't see the "table" referred in your in your last sentence "For examples of how this parameter works with Ignore sequence when checking for differences selected, see the following table.".

Can you publish that too ?

You should be able to find the entire section of documentation by doing the following:

2) Goto [Policies -> Pasword -> Password Policies]

3) View a Password Policy (Select CREATE, if none are present).

4) Go to the "Restrictions" tab.

5) 'click' HELP.

6) Review the section "Password Policy Restrictions -> Change Required Group Box"

Specifies the percentage of characters a new password must contain that differ from characters in the previous password. If the value is set to 100, the new password may contain no characters that were in the previous password, unless Ignore sequence when checking for differences is set to 0. For examples of how this parameter works with Ignore sequence when checking for differences selected, see the following table.

Ignore sequence when checking for differences

Ignores the position of the characters in the password when determining the percentage.

For example, if a user’s initial password is BASEBALL12 and the Ignore sequence when checking for differences check box is selected, a user cannot choose 12BASEBALL as the new password. If the check box is cleared, 12BASEBALL is an acceptable password because each letter occurs in a different position. For examples of how this parameter works with Percent different from last password, see the following table.

For increased security, Ignore sequence when checking for differences check box should be selected.

 Passwords Percent different Ignore sequence Accepted BASEBALL12 (Old)12BASEBALL 0 10 YY BASEBALL12 (Old)12BASEBALL 100 10 NY BASEBALL12 (Old)12SOFTBALL 0 10 YY BASEBALL12 (Old)12SOFTBALL 90 10 NY BASEBALL12 (Old)12SOFTBALL 100 10 NN

This document was generated from the following discussion: How does the 'percent different from last password' work ?