PCI Password Policy Compliance

A quick overview of the password policy requirements in the Payment Card Industry Data Security Standard (PCI DSS), and how nFront Security's nFront Password Filter can help companies that struggle with filling out Self-Assessment Questionnaires (SAQs). View more information about nFront Password Filter.

Transcript of PCI Password Policy Compliance

Page 1: PCI Password Policy Compliance

PCI Password Compliance

Page 2: PCI Password Policy Compliance

PCI Password Compliance

• What is PCI Compliance
• PCI Password Regulations
• nFront Password Filter Benefits

Page 3: PCI Password Policy Compliance

What is PCI Compliance

Payment Card Industry (PCI) compliance means meeting the PCI Data Security Standard (PCI DSS), a set of security requirements created by the major credit card brands to protect cardholders from identity theft and data breaches.

Page 4: PCI Password Policy Compliance

PCI Password Requirements

8.5.3 Set first-time passwords to a unique value for each user and change immediately after the first use.

8.5.8 Do not use group, shared, or generic accounts and passwords.

8.5.9 Change user passwords at least every 90 days.

8.5.10 Require a minimum password length of at least seven characters.

8.5.11 Use passwords containing both numeric and alphabetic characters.

8.5.12 Do not allow an individual to submit a new password that is the same as any of the previous four passwords.

Page 5: PCI Password Policy Compliance

First Time Passwords

8.5.3 Set first-time passwords to a unique value for each user and change immediately after the first use.

Do not set first time passwords to something simple like the user’s last name

Follow up to make sure the user actually logs on and changes their password

If the person never logs on, the account sits on the network with a known, never-changed password, awaiting an easy hacking attempt

Consider our nFront Account Disabler product to disable dormant or unused accounts

Page 6: PCI Password Policy Compliance

No shared accounts

8.5.8 Do not use group, shared, or generic accounts and passwords.

Every person, administrators included, should have their own user account

Ideally, administrators should have 2 accounts: one regular user account and one with administrative privileges

Shared accounts provide no unique audit trail. Malware or viruses can destroy or compromise any data accessible by the shared account

The built-in administrator account should be used for emergencies only 

Page 7: PCI Password Policy Compliance

Change Passwords Often

8.5.9 Change user passwords at least every 90 days.

Page 8: PCI Password Policy Compliance

Minimum Password Length

8.5.10 Require a minimum password length of at least seven characters.

Page 9: PCI Password Policy Compliance

Include Numbers in Passwords

8.5.11 Use passwords containing both numeric and alphabetic characters.

Note that the Windows "Password must meet complexity requirements" setting does not guarantee this on its own: it requires characters from three of five categories (uppercase, lowercase, digits, symbols, other Unicode letters), so a password made of letters and symbols with no digit passes Windows complexity but fails 8.5.11.

Page 10: PCI Password Policy Compliance

Password Repetition

8.5.12 Do not allow an individual to submit a new password that is the same as any of the previous four passwords.

Windows: Good. nFront: Even Better.
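The requirements on the preceding pages are simple to state, but it helps to see them as checks. The following reference validator is an added example written for this page; it is not nFront Password Filter code and does not show how Windows stores password history. It enforces 8.5.10, 8.5.11 and 8.5.12 plus a normalizing dictionary check, models 8.5.9 as an age check, and includes an approximation of the Windows complexity rule so the gap noted under 8.5.11 is visible. The word list, the salted PBKDF2 history entries, the leet-substitution table and all sample passwords are constructed assumptions.

```python
"""Reference validator for the PCI DSS password rules 8.5.9-8.5.12 quoted on
this page, plus a dictionary check. Added example for this page; not nFront
code. Password history is stored here as salted PBKDF2 entries (assumption)."""
import hashlib
import hmac
import os
import re
from datetime import datetime, timedelta

MIN_LENGTH = 7                 # 8.5.10
HISTORY_DEPTH = 4              # 8.5.12
MAX_AGE = timedelta(days=90)   # 8.5.9
PBKDF2_ROUNDS = 100_000

# Constructed sample word list; a real filter loads millions of entries.
COMMON_PASSWORDS = {"password", "welcome", "letmein", "qwerty", "summer", "winter"}

# Substitutions users commonly apply to a dictionary word: P@ssw0rd -> password
LEET = str.maketrans("@$0!31", "asoile")


def normalize(pw: str) -> str:
    """Lower-case, drop trailing digits, then undo leet substitutions, so
    'Summer2012' and 'P@ssw0rd' both hit the word list."""
    return re.sub(r"\d+$", "", pw.lower()).translate(LEET)


def hash_password(pw: str) -> bytes:
    """History entry: 16-byte random salt followed by PBKDF2-HMAC-SHA256."""
    salt = os.urandom(16)
    return salt + hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, PBKDF2_ROUNDS)


def matches_hash(pw: str, entry: bytes) -> bool:
    """Constant-time comparison of a candidate against one history entry."""
    salt, digest = entry[:16], entry[16:]
    candidate = hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, PBKDF2_ROUNDS)
    return hmac.compare_digest(candidate, digest)


def meets_windows_complexity(pw: str) -> bool:
    """Approximation of the Windows 'Password must meet complexity requirements'
    setting: at least 6 characters from 3 of the character categories. The fifth
    category (other Unicode letters) and the user-name check are omitted.
    A digit is NOT mandatory, which is why this differs from PCI 8.5.11."""
    classes = [r"[A-Z]", r"[a-z]", r"[0-9]", r"[^A-Za-z0-9]"]
    return len(pw) >= 6 and sum(bool(re.search(c, pw)) for c in classes) >= 3


def check_new_password(pw: str, history: list) -> list:
    """Return the identifiers of the rules the candidate violates (empty = accepted).
    `history` is ordered oldest to newest; only the last HISTORY_DEPTH entries count."""
    failures = []
    if len(pw) < MIN_LENGTH:
        failures.append("8.5.10")
    if not (re.search(r"[A-Za-z]", pw) and re.search(r"[0-9]", pw)):
        failures.append("8.5.11")
    if any(matches_hash(pw, h) for h in history[-HISTORY_DEPTH:]):
        failures.append("8.5.12")
    if normalize(pw) in COMMON_PASSWORDS:
        failures.append("dictionary")
    return failures


def password_expired(last_set_iso: str, now_iso: str) -> bool:
    """8.5.9: a password that is 90 or more days old must be changed.
    Dates are ISO-8601 strings (YYYY-MM-DD)."""
    last_set = datetime.fromisoformat(last_set_iso)
    now = datetime.fromisoformat(now_iso)
    return now - last_set >= MAX_AGE


if __name__ == "__main__":
    # Constructed history: five seasonal passwords, oldest first.
    history = [hash_password(p) for p in
               ("Spring2012", "Summer2012", "Autumn2012", "Winter2012", "Spring2013")]
    for candidate in ("Welcome!X", "P@ssw0rd", "Summer2012", "Spring2012", "Tr0ub4dor&3"):
        print(f"{candidate:12} windows_complexity={meets_windows_complexity(candidate)!s:5} "
              f"pci_failures={check_new_password(candidate, history)}")
    print("expired after 90 days:", password_expired("2013-01-01", "2013-04-01"))
```

Two things the run makes visible: "Welcome!X" satisfies Windows complexity yet fails 8.5.11 because it has no digit, and "Spring2012" is accepted because it is the fifth-most-recent password, just outside the four-deep window 8.5.12 requires; a deeper history setting closes that gap.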

Page 11: PCI Password Policy Compliance

What is nFront Password Filter

nFront Password Filter is a password policy enforcement solution that provides multiple, granular password policies for Windows domains.

The standard Windows password policy cannot meet most industry compliance requirements.

Without nFront Password Filter your network can allow weak passwords that are an easy target for hackers and malware.

Page 12: PCI Password Policy Compliance

nFront Password Filter Benefits

nFront Password Filter options exceed PCI Requirements

One checkbox to meet minimum PCI password requirements

Up to 6 different granular password policies in one Windows Domain

A dictionary option that rejects millions of common passwords in less than one second

An optional client to clearly show the password rules and an improved failure message

Page 13: PCI Password Policy Compliance

One Step Compliance

nFront Password Filter provides features that Windows cannot, such as one-step PCI compliance.

Page 14: PCI Password Policy Compliance

Multiple Policies

Create up to 6 different password policies, with each policy targeting one or more security groups or OUs. (Windows fine-grained password policies, available since Server 2008, can be applied only to users and global security groups, not to OUs.)

Page 15: PCI Password Policy Compliance

Prevent Common Passwords

Optional nFront features not possible with standard Windows policies:

• Customizable dictionary check
• Client with strength meter
• Better failure message

Page 16: PCI Password Policy Compliance

nFront Password Filter Benefits

Fill out SAQs faster with the assurance that the password policy on your network meets the PCI DSS password requirements. Note that 8.5.3 (unique first-time passwords) and 8.5.8 (no shared accounts) are procedural controls that a password filter cannot enforce on its own.

Better security against password hacking/cracking.

Page 17: PCI Password Policy Compliance

From the nFront Team, Thank You

For questions regarding nFront Security products or compliance please visit nFrontSecurity.com