Password policy checks fixes.
    - don't let a user set a password identical to the current one.
    - don't check more then the policy defined number of passwords in history
    - don't set an history longer than policy defined