Old password can be new password
Low
Weblate
Reported by
proabiral
Vulnerability Details
Technical details and impact analysis
### Affected Domain:
https://demo.weblate.org/
### Issue:
Sites like Facebook and Google keep track of old passwords and do not allow users to set a password similar to their old passwords.
However, in the case of demo.weblate.org, it is possible for a user to set a new password which is exactly similar to old passwords.
### Impact:
Though the impact of the issue is not high, it is always best practice to not allow so.
### Solution:
The password history of the user should be tracked and the user should not be allowed to set a password which is similar to his old passwords.
Report Details
Additional information and metadata
State
Closed
Substate
Resolved