💼 8.3.10 If passwords/passphrases are used as the only authentication factor for customer user access to cardholder data, then guidance is provided to customer users.
- ID:
/frameworks/pci-dss-v4.0.1/08/03/10
Description
Additional requirement for service providers only.
Including:
- Guidance for customers to change their user passwords/passphrases periodically.
- Guidance as to when, and under what circumstances, passwords/passphrases are to be changed.
Similar
- Sections
/frameworks/pci-dss-v4.0/08/03/10
Similar Sections (Take Policies From)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 PCI DSS v4.0 → 💼 8.3.10 If passwords/passphrases are used as the only authentication factor for customer user access to cardholder data, then guidance is provided to customer users. | 1 | 1 | 4 | no data |
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 PCI DSS v4.0 → 💼 8.3.10 If passwords/passphrases are used as the only authentication factor for customer user access to cardholder data, then guidance is provided to customer users. | 1 | 1 | 4 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 8.3.10.1 If passwords/passphrases are used as the only authentication factor for customer user access then either passwords/passphrases are changed at least once every 90 days, or the security posture of accounts is dynamically analyzed. | 1 | no data |
Policies (3)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS Account IAM Password Policy Number of passwords to remember is not set to 24🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS IAM User Access Keys are not rotated every 90 days or less🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS Secrets Manager Secret Automatic Rotation is not enabled🟢 | 1 | 🟢 x6 | no data |