I want to have a user management system. I allow users to change their

Question

0

Asked: June 12, 20262026-06-12T00:06:14+00:00 2026-06-12T00:06:14+00:00

I want to have a user management system. I allow users to change their

0

I want to have a user management system. I allow users to change their password, but I should have restrictions. For instance that the new password is not any of the last five passwords used.

How should I maintain a list of the last five passwords?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-12T00:06:15+00:00

I already posted a comment above. But just to answer your question. You should create an old_passwords table with the user_id, old_password, creation_date in it.

Store the date when the password is first created in the main table. When changing the password copy the old password and that original date to creation_date in the old_passwords table. Then update the password, and set the date to now in the main user table.

You should also probably drop a unique index on user_id, creation_date.

To delete:

DELETE FROM old_password
WHERE user_id = ## AND creation_date NOT IN
  (SELECT creation_date
   FROM old_password
   WHERE user_id = ##
   ORDER BY creation_date DESC
   LIMIT 5)

(You should test this code BTW.) You run this query when a person updates their password.

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I want to have a user management system. I allow users to change their

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply