Information
You should not allow your users to reuse the same password on their mobile devices.
Rationale:
Devices without this protection are vulnerable to being accessed by attackers who can then steal account credentials, data, or install malware on the device. Choosing unique and unused passwords every time a password changes on mobile devices lessens the likelihood that the password can be guessed by an attacker.
Impact:
This change will have a moderate user impact
Solution
To set mobile device management profiles, use the Microsoft 365 Admin Center:
Under Admin Centers select Endpoint Management.
Select Devices and then select Configuration profiles
Select Create profile
Set a Name for the policy, choose the appropriate Platformand select Device restrictions
In the Password section, ensure that Prevent reuse of previous passwords is set to 5.
Default Value:
Password reuse is not enforced by default.