Requirement 8.5.12

Do not allow an individual to submit a new password that is the same as any of the last four passwords he or she has used.