A quick overview of the password policy regulations enforced by Payment Card Industry Compliance and nFront Security offers a quick solution for companies struggling with filling out SAQs. View more information about <a>nFront Password Filter</a>.

1. PCI Password Compliance

2. PCI Password Compliance
• What is PCI Compliance
• PCI Password Regulations
• nFront Password Filter Benefits

3. What is PCI Compliance
Payment Card Industry (PCI) Compliance is
a set of security standards that were
created by the major credit card companies
to protect their customers from increasing
identity theft and security breaches.

4. PCI Password Requirements

8.5.3 Set first-time passwords to a unique value for each user and
change immediately after the first use.

8.5.8 Do not use group, shared, or generic accounts and
passwords.

8.5.9 Change user passwords at least every 90 days.

8.5.10 Require a minimum password length of at least seven
characters.

8.5.11 Use passwords containing both numeric and alphabetic
characters.

8.5.12 Do not allow an individual to submit a new password that is
the same as any of the previous four passwords.

5. First Time Passwords
8.5.3 Set first-time passwords to a unique value
for each user and change immediately after the
first use.
 Do not set first time passwords to something simple like the user’s
last name
 Follow up to make sure the user actually logs on and changes their
password
 If the person never logs on the account could sit on the network
awaiting an easy hacking attempt
 Consider our nFront Account Disabler product to disable dormant or
unused accounts

6. No shared accounts
8.5.8 Do not use group, shared, or generic
accounts and passwords.
 Every administrator and person should have separate user
accounts
 Ideally, administrators should have 2 accounts: one regular user
account and one with administrative privileges
 Shared accounts provide no unique audit trail. Malware or
viruses can destroy or compromise any data accessible by the
shared account
 The built-in administrator account should be used for
emergencies only

7. Change Passwords Often
8.5.9
Change user passwords at least every 90 days.

8. Minimum Password Length
8.5.10
Require a minimum password length of at least
seven characters.

9. Include Numbers in Passwords
8.5.11
Use passwords containing both numeric and
alphabetic characters.

10. Password Repetition
Windows - Good
8.5.12
nFront - Even Better
Do not allow an individual to submit a new
password that is the same as any of the previous four
passwords.

11. What is nFront Password Filter
 nFront Password Filter is a password policy
enforcement solution that provides multiple,
granular password policies for Windows domains.
 The standard Windows password policy cannot
meet most industry compliance requirements.
Without nFront Password Filter your network can
allow weak passwords that are an easy target for
hackers and malware.

12. nFront Password Filter Benefits
nFront Password Filter options exceed PCI Requirements
 One checkbox to meet minimum PCI password requirements
 Up to 6 different granular password policies in one Windows
Domain
 A dictionary option to prevent millions of common passwords
is less than one second
 An optional client to clearly show the password rules and an
improved failure message

13. One Step Compliance
nFront Password Filter provides features
that Windows cannot - such as one
step PCI Compliance.

14. Multiple Policies
Create up to 6 different password policies
with each policy targeting one or more
security groups or OUs.

15. Prevent Common Passwords
Optional nFront features not possible
with standard Windows policies:
• Customizable dictionary check
• Client with strength meter
• Better failure message

16. nFront Password Filter Benefits
Fill out SAQs faster with the assurance that
you are PCI DSS compliant with a password
filter on your network.
Better security against password
hacking/cracking.

17. From the nFront Team, Thank You
For questions regarding nFront Security
products or compliance please visit
nFrontSecurity.com