Appendix: pci password requirements, For pci password requirements, D in – Gasboy CFN III Payment Application Best Practices Implementation Requirements User Manual
Page 4: Appendix: pci password, Requirements, A unique cfn user id must be us
Appendix: PCI Password Requirements
© 2008 GASBOY
7300 West Friendly Avenue · Post Office Box 22087
Greensboro, North Carolina 27420
Phone 1-800-444-5529 ·
· Printed in the U.S.A.
MDE-4759 CFN III Payment Application Best Practices Implementation Requirements · September 2008
Gasboy
®
is a registered trademark of Gilbarco Inc. Windows
®
XPE is a registered trademark of Microsoft Corporation.
Appendix: PCI Password Requirements
The following password controls must be followed to meet minimum PCI password
requirements.
• Password must be at least 7 characters in length.
• Password must be changed at least every 90 days.
• Any inactive accounts must have passwords removed on a regular basis.
• Any unused or unnecessary accounts must be disabled.
• Third party system maintenance password and User ID assignment must be set up on a
temporary basis. After the maintenance is complete, the account must be deactivated.
• Strong passwords are required. A strong password must consist of a combination of lower
case letters, upper case letters, and numerics. A strong password should be unique and not
consist of common names or places.