PCI Requirement 8.2 – Ensure Proper User-Authentication Management by Something You Know
PCI Requirement 8.2.1 – Use Strong Cryptography to Render All Authentication Credentials Unreadable
PCI Requirement 8.2.6 – Set Passwords for First-Time Use and Upon Reset to a Unique Value
PCI Requirement 8.2.2 – Verify User Identity Before Modifying Any Authentication Credential
PCI Requirement 8.2.3 – Passwords Require a Min. of Seven Characters and Contain Numbers & Letters
PCI v4.0 - 8.2.2: Group, Shared, or Generic Accounts Are Only Used When Necessary
PCI Requirement 8.2.4 – Change User Passwords/Passphrases at Least Once Every 90 Days
PCI Requirement 8.2.5 – New Passwords Can’t Be the Same as Any of the Last Four Passwords Used
PCI v4.0 - 8.2.1: All Users Are Assigned Unique User IDs
PCI Readiness Series: Requirement 8
PCI v4.0 - 8.2.5: Revoke Access for Terminated Users Immediately
PCI v4.0 - 8.2.8: Require Reauthentication if User Session Has Been Idle for More Than 15 Minutes
PCI v4.0 - 8.2.4: User IDs and Identifier Objects Are Managed Appropriately
PCI Requirement 8: Identify and Authenticate Access to System Components
PCI v4.0 - 8.2.6: Inactive User Accounts Are Removed or Disabled
PCI Requirement 8.1.2 – Control Addition, Deletion, and Modification of User IDs, Credentials
PCI v4.0 - 8.2.7: Properly Manage Accounts Used By Third Parties
PCI Requirement 8.3 – Secure All Individual Non-Console Administrative Access
"Weak passwords? Not on our watch. 🔐" Meet PCI-DSS Control 8.2.3 — your defense against weak creden
PCI Requirement 8.6 – Authentication Mechanisms Must Not Be Shared Among Multiple Accounts