Our previous system enforced a minimum of 8 chars, on changing password no more than 3 chars were allowed from the previous password, thus stopping using an incremental system, no more than 3 matching chars, stopping things like aaaaaaaa & the password could not be in use by anyone else in the company - a real pain to think of new memorable passwords. And there was a longer memory too.

Fortunately, when we were 'upgraded' to NT & 95, things got a bit easier for us.

Paul