Enable password history by default
Law in Italy requires password expiration every 3/6 months. A common trick to avoid using a new password is to rewrite the same old password when prompted to change.
Enabling password history should fix wrong user behaviour.
Fixing the law it's a different issue.