History Count specifies the number of previous passwords saved for each USERID and compares it with an intended new password. If there is a match with one of the previous passwords, or with the current password, it will reject the intended new password. The improper setting of any of these fields, individually or in combination with another, can compromise the security of the processing environment.
Have the System Administrator display the Password Profile Task window on the Hardware Management Console and validate that the History Count is set to 10.<br /><br />If the History Count is less than 10, then this is a FINDING.<br />.
Have the System Administrator go into the Password Profile and set the History Count to 10 or greater.