PCI DSS Requirement 8 addresses secure authentication requirements and requires that all passwords and other authentication credentials be securely managed. These requirements apply to all non-consumer users and administrators. The term “non-consumer user” refers to all individuals, excluding cardholders, who access system components, including employees, administrators, and third parties. |
May 2014
Article Number 1067