💼 8.5 Do not use group, shared, or generic IDs, passwords, or other authentication methods.
-
Contextual name: 💼 8.5 Do not use group, shared, or generic IDs, passwords, or other authentication methods.
-
ID:
/frameworks/pci-dss-v3.2.1/08/05 -
Located in: 💼 8 Identify and authenticate access to system components
Description
As follows:
- Generic user IDs are disabled or removed.
- Shared user IDs do not exist for system administration and other critical functions.
- Shared and generic user IDs are not used to administer any system components.
Similar
- Sections
/frameworks/pci-dss-v4.0/08/02/02
- Internal
- ID:
dec-c-c33bf83a
- ID:
Similar Sections (Take Policies From)
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 PCI DSS v4.0 → 💼 8.2.2 Group, shared, or generic accounts, or other shared authentication credentials are only used when necessary on an exception basis. | 2 | 2 |
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 PCI DSS v4.0 → 💼 8.2.2 Group, shared, or generic accounts, or other shared authentication credentials are only used when necessary on an exception basis. | 2 | 2 |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 8.5.1 Service providers with remote access to customer premises must use a unique authentication credential for each customer. |
Policies (2)
| Policy | Logic Count | Flags |
|---|---|---|
| 📝 AWS Account Root User credentials were used is the last 30 days 🟢 | 1 | 🟢 x6 |
| 📝 AWS Account Root User has active access keys 🟢 | 1 | 🟢 x6 |
Internal Rules
| Rule | Policies | Flags |
|---|---|---|
| ✉️ dec-x-e58fd8e0 | 1 |