Rejecting new passwords based on the old indicates they are, at best, keeping the old hashes. If the new PW is "George7", they also try "George6", "George5", ... during the validation. Hey, what could possibly go wrong with that?
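A sketch of the check the comment describes, added here as an illustration and not taken from any real system: the server retains salted hashes of previous passwords and hashes near-variants of the proposed password against each one. The function names, the PBKDF2 parameters and the +/- 3 variant window are assumptions; the returned call count shows how the KDF work multiplies with variants and history depth.

```python
import hashlib
import hmac
import os
import re

ITERATIONS = 100_000  # assumed PBKDF2 work factor for this sketch


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def make_history(passwords):
    """Build the retained history: one (salt, hash) pair per old password."""
    history = []
    for pw in passwords:
        salt = os.urandom(16)
        history.append((salt, hash_password(pw, salt)))
    return history


def numeric_variants(candidate: str, span: int = 3):
    """Yield the candidate, then copies with its trailing number shifted by up to span."""
    yield candidate
    m = re.search(r"(\d+)$", candidate)
    if not m:
        return
    stem, n = candidate[: m.start()], int(m.group(1))  # zero padding is not preserved
    for k in range(max(0, n - span), n + span + 1):
        if k != n:
            yield f"{stem}{k}"


def check_against_history(candidate: str, history):
    """Return (rejected, kdf_calls). Each variant is hashed once per stored salt."""
    calls = 0
    for variant in numeric_variants(candidate):
        for salt, old_hash in history:
            calls += 1
            if hmac.compare_digest(hash_password(variant, salt), old_hash):
                return True, calls
    return False, calls


if __name__ == "__main__":
    history = make_history(["George5", "George6"])  # constructed sample data
    print(check_against_history("George7", history))      # rejected as a near-repeat
    print(check_against_history("Tr0ub4dor&3", history))  # accepted, at full KDF cost
```

An accepted password is the expensive case: every variant is hashed against every retained salt before the check can return.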