[PCI DSS 3.0] [PCI DSS 3.0] 8.2.6 Set passwords/phrases for first- time use and upon reset to a unique value for each user, and

pcinetwork

PCINetwork.org Admin
#1
8.2.6 Set passwords/phrases for first- time use and upon reset to a unique value for each user, and change immediately after the first use.

8.2.6 Examine password procedures and observe security personnel to verify that first-time passwords for new users, and reset passwords for existing users, are set to a unique value
for each user and changed after first use.

If the same password is used for every new user, an internal user, former employee, or malicious individual may know or easily discover this password, and use it to gain access to accounts.
 
Top