V-38572: The system must require at least four characters be changed between the old and new passwords during a password change.
--------------------------------------------------------------------------------------------------------------------------------

Requiring a minimum number of different characters during password changes
ensures that newly changed passwords should not resemble previously
compromised ones. Note that passwords which are changed on compromised systems
will still be compromised, however.

Details: `V-38572 in STIG Viewer`_.

.. _V-38572 in STIG Viewer: https://www.stigviewer.com/stig/red_hat_enterprise_linux_6/2015-05-26/finding/V-38572

Notes for deployers
~~~~~~~~~~~~~~~~~~~

.. include:: developer-notes/V-38572.rst