A warm welcome at the new #bytemine-office for a #Zarafa meeting: http://t.co/8WJA3Cx4MO
The default behavior of Microsoft Windows Server 2003 is to remember old passwords for one hour after a password change.
It is noted by Microsoft that no security weakness is caused by this kind of behavior, as long as only one user knows both passwords.
Existing components that are designed to use Kerberos for authentication are not affected.
Unofficially it is done for replication between 2 or more domain controllers. Standard domain controllers replicate every 15 minutes.