Great idea.

Alternative for now would be 2-factor authentication. You should consider which one is more user friendly 

We are facing also a password related problem.

Problem: while reset of password the user can enter the same password again same as the previous one. 

Expected: As an administrator I would like the users not to be able to set their password to their previous set password. There should be a limit of allowance to set a password as not to be the same as the previously 10 passwords used.

The feature to set a default expiration is planned for the 2021.2 release of the Thinkwise Platform, expected in April, as part of the automatic password expiration feature.

Updated idea status On the backlog → Planned

Preventing users from setting their password to their previous password will be released separately, at a later moment.

In the 2021.2 version of the Thinkwise Platform, it will be possible to add an expiration period for passwords in IAM. This can be done in the Global settings (menu Settings - Global settings).

For each user, the administrator can select an Expiration policy:

• Force expired - The user needs to change the password on the next login.
• Default expiration policy - After the number of days specified, the user needs to change the password. When the field Password expires in (days) is empty, passwords with Default expiration policy will never expire. 
• Never expires - Use this for service accounts that never need to expire and have no user available to change the password.

Preventing users from setting their password to their previous password will be released separately, at a later moment.