"A password can't begin with another password." (meant to capture password, password2, password3... Are you going to hash every permutation? Seems like an awful lot of disk space.
Another policy I've seen is "passwords must differ by at least N characters". Again, how many hashes do you need to store for a 16 character password?
For any trivial policy ("don't add numbers to the end", storing the extra hashes will work. All the password policy systems I've seen allow too many axes of freedom for that.
Another policy I've seen is "passwords must differ by at least N characters". Again, how many hashes do you need to store for a 16 character password?
For any trivial policy ("don't add numbers to the end", storing the extra hashes will work. All the password policy systems I've seen allow too many axes of freedom for that.