When creating a user with an expired password and resetting their password via an email reset link, the user will immediately be presented with another password change form (because their previous password was expired).
Bug# 86870 votes
When you set the StaffPreviousPassword to 0, Aeon should default to checking a minimum of 4 unique passwords before an old password can be reused. Instead, a bug is causing the system to read the 0 as a null value, which in turn made it to unable to recognize any passwords. Until the bug is fixed, do not set the default value to 0.