This also leads to stupid rules like you can change your password more than once a day, to prevent someone from changing their password 5 times and then changing it back to what it was before.