Skip to main content

💼 8.3 Secure all individual non-console administrative access and all remote access to the CDE using multi-factor authentication.

Contextual name: 💼 8.3 Secure all individual non-console administrative access and all remote access to the CDE using multi-factor authentication.
ID: /frameworks/pci-dss-v3.2.1/08/03
Located in: 💼 8 Identify and authenticate access to system components

Description

Multi-factor authentication requires that a minimum of two of the three authentication methods (see Requirement 8.2 for descriptions of authentication methods) be used for authentication. Using one factor twice (for example, using two separate passwords) is not considered multi-factor authentication.

Similar

Internal
- ID: dec-c-18be0c23

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 8.3.1 Incorporate multi-factor authentication for all non-console access into the CDE for personnel with administrative access.			2
💼 8.3.2 Incorporate multi-factor authentication for all remote network access originating from outside the entity's network.			1

Policies (1)

Policy	Logic Count	Flags
📝 Google Accounts are not configured with MFA 🟢		🟢 x3

Description
Similar
Sub Sections
Policies (1)