>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

8.6.3Passwords/passphrases for any application and system accounts are protected against misuse as follows: Passwords/passphrases are changed periodically (at the frequency defined in the entity’s targeted risk analysis, which is performed according to all elements specified in Requirement 12.

>Requirement Description

Passwords/passphrases for any application and system accounts are protected against misuse as follows: Passwords/passphrases are changed periodically (at the frequency defined in the entity’s targeted risk analysis, which is performed according to all elements specified in Requirement 12.3.1) and upon suspicion or confirmation of compromise. Passwords/passphrases are constructed with sufficient complexity appropriate for how frequently the entity changes the passwords/passphrases. Applicability Notes This requirement is a best practice until 31 March 2025, after which it will be required and must be fully considered during a PCI DSS assessment.

>Cross-Framework Mappings

NIST CSF 2.0

via NIST OLIR Catalog
GV.RM-03
Compare
GV.RM-06
Compare
ID.RA-07
Compare
PR.AA-01
Compare

SCF

IAC-10
Compare
IAC-10.1
Compare

Ask AI

Configure your API key to use AI features.