💼 8.3.4 Invalid authentication attempts are limited.
-
Contextual name: 💼 8.3.4 Invalid authentication attempts are limited.
-
ID:
/frameworks/pci-dss-v4.0/08/03/04 -
Located in: 💼 8.3 Strong authentication for users and administrators is established and managed.
Description​
Limited by:
- Locking out the user ID after not more than 10 attempts.
- Setting the lockout duration to a minimum of 30 minutes or until the user's identity is confirmed.
Similar​
- Sections
/frameworks/pci-dss-v3.2.1/08/01/06/frameworks/pci-dss-v3.2.1/08/01/07/frameworks/pci-dss-v4.0.1/08/03/04
- Internal
- ID:
dec-c-d59f94b4
- ID:
Similar Sections (Take Policies From)​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 PCI DSS v3.2.1 → 💼 8.1.6 Limit repeated access attempts by locking out the user ID after not more than six attempts. | ||||
| 💼 PCI DSS v3.2.1 → 💼 8.1.7 Set the lockout duration to a minimum of 30 minutes or until an administrator enables the user ID. | ||||
| 💼 PCI DSS v4.0.1 → 💼 8.3.4 Invalid authentication attempts are limited. |
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 PCI DSS v3.2.1 → 💼 8.1.6 Limit repeated access attempts by locking out the user ID after not more than six attempts. | ||||
| 💼 PCI DSS v3.2.1 → 💼 8.1.7 Set the lockout duration to a minimum of 30 minutes or until an administrator enables the user ID. | ||||
| 💼 PCI DSS v4.0.1 → 💼 8.3.4 Invalid authentication attempts are limited. |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|