Skip to main content

πŸ’Ό 8.3.10.1 If passwords/passphrases are used as the only authentication factor for customer user access then either passwords/passphrases are changed at least once every 90 days, or the security posture of accounts is dynamically analyzed.

Description​

Additional requirement for service providers only.

Similar​

  • Sections
    • /frameworks/pci-dss-v3.2.1/08/02
    • /frameworks/pci-dss-v4.0.1/08/03/10/01

Similar Sections (Take Policies From)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό PCI DSS v3.2.1 β†’ πŸ’Ό 8.2 In addition to assigning a unique ID, ensure proper user-authentication management for non-consumer users and administrators on all system components.613
πŸ’Ό PCI DSS v4.0.1 β†’ πŸ’Ό 8.3.10.1 If passwords/passphrases are used as the only authentication factor for customer user access then either passwords/passphrases are changed at least once every 90 days, or the security posture of accounts is dynamically analyzed.

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό PCI DSS v3.2.1 β†’ πŸ’Ό 8.2 In addition to assigning a unique ID, ensure proper user-authentication management for non-consumer users and administrators on all system components.613
πŸ’Ό PCI DSS v4.0.1 β†’ πŸ’Ό 8.3.10.1 If passwords/passphrases are used as the only authentication factor for customer user access then either passwords/passphrases are changed at least once every 90 days, or the security posture of accounts is dynamically analyzed.

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags