Block users from re-using old password, especially for mailboxes
System could remember a certain number of old passwords (admin configurable) and prevent user from selecting these again.
Have had more cases than I'd like to admit where customer re-used a previously compromised password. If Plesk remembered the last x passwords used by that account it would help.
Also adding ability so Plesk checks a server configurable password blacklist before accepting customers new selection would be appreciated.
Chris shared this idea
Plesk Tech Support commented
Forbid specifying an already used password as new when resetting it.