PCI Requirement- 8.5.12.a - 8.5.12.b Do not allow an individual to submit a new password that is the same as any of the last four passwords he or she has used.ID: oval:org.secpod.oval:def:6366 | Date: (C)2012-07-16 (M)2017-11-20 |
Class: COMPLIANCE | Family: macos |
For a sample of system components, obtain and inspect system configuration settings to verify that password parameters are set to require that new passwords cannot be the same as the four previously used passwords.
For service providers only, review internal processes and customer/user documentation to verify that new non-consumer user passwords cannot be the same as the previous four passwords.