PCI Compliance Password Related Requirements
- 8.5.3 Set first-time passwords to a unique value for each user and change immediately after the first use.
- 8.5.8 Do not use group, shared, or generic accounts and passwords.
- 8.5.9 Change user passwords at least every 90 days.
- 8.5.10 Require a minimum password length of at least seven characters.
- 8.5.11 Use passwords containing both numeric and alphabetic characters.
- 8.5.12 Do not allow an individual to submit a new password that is the same as any of the last four passwords he or she has used.
Payment Card Industry (PCI) Compliance is a set of security standards that were created by the major credit card companies
(American Express, Discover Financial Services, JCB, MasterCard Worldwide, and Visa International) to protect their
customers from increasing identity theft and security breaches.
nFront Password Filter can help your company achieve the minimum PCI compliance standards.
For more information on PCI compliance requirements or to find an approved scanning vendor visit the Official PCI
Security Standards Council.