πΌ 8.3.6 If passwords/passphrases are used as authentication factors to meet Requirement 8.3.1, they meet the minimum level of complexity.
-
Contextual name: πΌ 8.3.6 If passwords/passphrases are used as authentication factors to meet Requirement 8.3.1, they meet the minimum level of complexity.
-
ID:
/frameworks/pci-dss-v4.0/08/03/06 -
Located in: πΌ 8.3 Strong authentication for users and administrators is established and managed.
Descriptionβ
As follows:
- A minimum length of 12 characters (or IF the system does not support 12 characters, a minimum length of eight characters).
- Contain both numeric and alphabetic characters.
Similarβ
- Sections
/frameworks/pci-dss-v3.2.1/08/02/03/frameworks/pci-dss-v4.0.1/08/03/06
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ PCI DSS v3.2.1 β πΌ 8.2.3 Passwords/passphrases must have complexity and strength. | 1 | 2 | ||
| πΌ PCI DSS v4.0.1 β πΌ 8.3.6 If passwords/passphrases are used as authentication factors to meet Requirement 8.3.1, they meet the minimum level of complexity. | 2 |
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ PCI DSS v3.2.1 β πΌ 8.2.3 Passwords/passphrases must have complexity and strength. | 1 | 2 | ||
| πΌ PCI DSS v4.0.1 β πΌ 8.3.6 If passwords/passphrases are used as authentication factors to meet Requirement 8.3.1, they meet the minimum level of complexity. | 2 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (2)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS Account IAM Password Policy minimum password length is 14 characters or less π’ | 1 | π’ x6 |
| π AWS Account IAM Password Policy Number of passwords to remember is not set to 24 π’ | 1 | π’ x6 |