💼 8.3.9 If passwords/passphrases are used as the only authentication factor for user access then either passwords/passphrases are changed at least once every 90 days, or the security posture of accounts is dynamically analyzed.

• Contextual name: 💼 8.3.9 If passwords/passphrases are used as the only authentication factor for user access then either passwords/passphrases are changed at least once every 90 days, or the security posture of accounts is dynamically analyzed.

• ID: /frameworks/pci-dss-v4.0/08/03/09

• Located in: 💼 8.3 Strong authentication for users and administrators is established and managed.

Description

Empty...

Similar

• Sections
  • /frameworks/pci-dss-v3.2.1/08/02/04
  • /frameworks/pci-dss-v4.0.1/08/03/09
• Internal
  • ID: dec-c-76db323b

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v3.2.1 → 💼 8.2.4 Change user passwords/passphrases at least once every 90 days.			2
💼 PCI DSS v4.0.1 → 💼 8.3.9 If passwords/passphrases are used as the only authentication factor for user access then either passwords/passphrases are changed at least once every 90 days, or the security posture of accounts is dynamically analyzed.			2

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v3.2.1 → 💼 8.2.4 Change user passwords/passphrases at least once every 90 days.			2
💼 PCI DSS v4.0.1 → 💼 8.3.9 If passwords/passphrases are used as the only authentication factor for user access then either passwords/passphrases are changed at least once every 90 days, or the security posture of accounts is dynamically analyzed.			2

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (2)

Policy	Logic Count	Flags
📝 AWS Account IAM Password Policy Number of passwords to remember is not set to 24 🟢	1	🟢 x6
📝 AWS IAM User Access Keys are not rotated every 90 days or less 🟢	1	🟢 x6