Limit how often a user's password can be changed.
Client would like to limit how often a users password can be changed. Currently you can change your password more than once a day using the password reset link. This is an audit concern for the client. They want to be able to limit it to once a day.