PCI 8.2.5 Configure system security parameters to prevent misuse - Password History: 4 passwords remembered

Information

If password history isn't maintained, the effectiveness of changing passwords is reduced, as previous passwords can be reused over and over. Requiring that passwords cannot be reused for a period of time reduces the likelihood that passwords that have been guessed or brute-forced will be used in the future.

See Also

https://www.pcisecuritystandards.org/documents/PCI_DSS_v3.pdf

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(1)(e), CSCv6|16.5

Plugin: Windows

Control ID: c64e8046f388d27b150603480b2873ded42d5096fe1f29e035e0c46506985de2