NTLM + Password Policy Enforcer
This is a general question regarding NTLM password hashing and password policy enforcer programs.
If Windows & Samba only store the hash value of a user's password (which by definition is a one-way computation), when it comes time for the user to change his/her password, how do password policy enforcers know what the user's past 5-10 passwords are to check against?
Are the passwords usually stored in a db created by the password policy enforcer program, or is the password stored somewhere else on the system?
Thanks in advance for any responses.