A: This was a change introduced back with Windows Server 2003 known as Password history check (N-2).

Provided their accounts have password history enabled, when users try to log on, if they enter their previous password (or even the password prior to that), the badPwdCount will not be incremented, which is, in turn, used to track bad password attempts and causes the account to get locked out.

The goal of this change was to reduce the amount of account lockouts by users typing their previous password instead of the current password.