Simple password rules for PCI DSS Compliance

Simple password rules for PCI DSS Compliance

- User-level passwords must be changed at least every 60 to 90 days.
- Accounts that have system-level privileges must have a unique password from all other accounts held by that user.
- Passwords must not be transmitted over the Internet by e-mail or any other form of communication, without being encrypted.
- Passwords should be a minimum 6 to 8 characters in length, with a combination of upper- and lower-case alpha and numeric characters and special characters as well (e.g., !%@$)
- Passwords should never be written down or shared with anyone.

Bookmark/Search this post with:
  • Delicious
  • Digg
  • StumbleUpon
  • Reddit
  • Google
  • Yahoo
  • Technorati

User login

Who's online

There are currently 0 users and 2 guests online.

Who's new

  • Hathcoonnorry
  • prongerieni
  • gaterfoko
  • Neptenveply
  • dkrzakaz