The Password Policy module allows storing of past passwords. As people sometimes use variations on a particular password, an intruder having access to those past passwords would be nearly as bad as having access to current passwords.

Please add the option to clear those past passwords as well if the Password Policy module is present and those passwords are being stored. As long as it wouldn't break Password Policy, it would be acceptable to simply remove those entries rather than generating a random entry.