That is certainly how you would do password expiry if you implement it as a true security measure. However, what if you just implement it because you were told 'we need password expiry', either because bosses think it is bad practice or because of regulatory requirements. In that case, you might very well decide to implement 'any difference is fine'. And really, given what we know about password expiry, that is the better approach.

Not having it would be better, but that would be insubordination.