Which password policy feature prevents users from changing their password immediately after a reset?

The feature that prevents users from changing their password immediately after a reset is the minimum password age. This policy setting ensures that once a user changes their password, they must wait for a specified duration before they are allowed to change it again. This helps to maintain the integrity of the password management process and reduces the likelihood of abuse, such as a user quickly resetting their password repeatedly.

By enforcing a minimum password age, organizations establish a set timeframe during which users cannot modify their passwords, encouraging them to use the new password for a longer period, thereby increasing security. This policy is essential for mitigating risks associated with frequently changing passwords, which can lead to weak security practices such as the use of easily guessable passwords or similar variations.

In contrast, session lifetime dictates how long a user session remains active, password complexity requires passwords to conform to specific standards, and password expiration sets a timeframe after which passwords must be changed. While these features serve important roles in overall password security, they do not specifically address the immediate reusability of a password following a reset like the minimum password age does.