Payment Card Industry Data Security Standard (PCI-DSS) Password and User Account Security Requirements
For more information on the PCI-DSS requirements and for the latest updates, visit the PCI Security Standards Council’s website at https://www.pcisecuritystandards.org/.
• User account password length must be no less than seven (7) characters (PCI DSS 8.5.10)
• Passwords must be a combination of numeric and alphanumeric characters (PCI DSS 8.5.11)
• Restrict the re-usage of the last four (4) previous passwords for a user account (PCI DSS 8.5.12)
• Passwords expire every ninety (90) days (PCI DSS 8.5.9)
• Accounts are locked out after no more than six (6) failed login attempts (PCI DSS 8.5.13)
• A minimum lockout duration of thirty (30) minutes is enforced (PCI DSS 8.5.14)
• A session time out after fifteen (15) minutes of inactivity is enabled (PCI DSS 8.5.15)
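
The sketch below shows how the thresholds listed above can be enforced in application logic. It is an added example, not code from the product or from the PCI Security Standards Council. The names `hash_password`, `password_violations` and `Account`, the PBKDF2 parameters, and the reading of the composition rule as "at least one digit and at least one letter" are assumptions of this example.

```python
import hashlib, hmac, os
from datetime import timedelta

# Thresholds from the requirement list above.
MIN_LENGTH, HISTORY_DEPTH, MAX_FAILURES = 7, 4, 6
MAX_AGE = timedelta(days=90)
LOCKOUT, IDLE_TIMEOUT = timedelta(minutes=30), timedelta(minutes=15)

def hash_password(password, salt=None):
    """Return (salt, digest). PBKDF2 and its parameters are an assumption here."""
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def password_violations(candidate, history):
    """history: list of (salt, digest), oldest first. Returns the rules that fail."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append("length")
    # Assumed reading of the composition rule: at least one digit and one letter.
    if not (any(c.isdigit() for c in candidate) and any(c.isalpha() for c in candidate)):
        problems.append("composition")
    for salt, digest in history[-HISTORY_DEPTH:]:
        if hmac.compare_digest(hash_password(candidate, salt)[1], digest):
            problems.append("reuse")
            break
    return problems

class Account:
    def __init__(self, now):
        self.failures, self.locked_until = 0, None
        self.password_set, self.last_activity = now, now

    def record_failure(self, now):
        self.failures += 1
        if self.failures >= MAX_FAILURES:   # sixth failure triggers the lock
            self.locked_until = now + LOCKOUT

    def may_attempt_login(self, now):
        if self.locked_until and now < self.locked_until:
            return False
        if self.locked_until:               # lockout has elapsed: reset counter
            self.failures, self.locked_until = 0, None
        return True

    def password_expired(self, now):
        return now - self.password_set >= MAX_AGE

    def session_timed_out(self, now):
        return now - self.last_activity >= IDLE_TIMEOUT
```

The history check compares salted hashes of the previous passwords, so enforcing the reuse rule does not require storing old passwords in recoverable form.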