Information on Security in PrismCore for PA-DSS 3.1

According to password complexity requirements for PCI 3.0:

...

  • Uppercase characters
  • Lowercase characters
  • Base 10 digits (0 through 9)
  • Non-alphanumeric characters: ~!@#$%^&*_-=`|(){}[]:;"'<>,.?/+


There are two areas where PrismCore software and servers interact with this requirement.

Server Component

For the PrismCore server to enforce complexity requirements, login attempts, expiration times, and other security-related features, users must set up the server with password policy requirements. This is done through the password policy that governs the servers running SQL. For information on how to set up and control this feature, Microsoft suggests the following:


https://technet.microsoft.com/en-us/library/dn452420(v=ws.11).aspx


Note: You will need to locate the information specific to the version of the operating system running on your server.

PrismCore User / SQL User Component

  • When a PrismCore user is created, the system automatically creates a corresponding SQL user.
  • Beginning with PrismCore 27.3.2, all NEW users added to PrismCore are automatically set to "Enforce Password Policy" and "Enforce Password Expiration" in SQL when their PrismCore user is created. This means those users will be set up to adhere to the security policy set up on that server (see Server Component).
  • For users created prior to PrismCore 27.3.2, a manager who would like their PrismCore users to adhere to the security policy set on the server will need to contact IT Support. Support will then enable "Enforce Password Policy" and "Enforce Password Expiration" for those SQL users.
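
To see which SQL users still lack the two settings described above (typically those created before PrismCore 27.3.2), the following read-only T-SQL query can be run on the server. It is an added example, not PrismCore or vendor code, and it assumes the PrismCore "SQL users" are SQL Server authentication logins listed in sys.sql_logins.

```sql
-- Added example (not PrismCore code).
-- Assumption: PrismCore's SQL users are SQL Server authentication logins,
-- so they appear in the sys.sql_logins catalog view.
-- Read-only audit: lists logins where "Enforce Password Policy"
-- (is_policy_checked) or "Enforce Password Expiration"
-- (is_expiration_checked) is not enabled. Nothing is modified.
SELECT
    sl.name                                        AS login_name,
    sl.create_date,
    sl.is_disabled,
    sl.is_policy_checked,          -- 1 = "Enforce Password Policy" is on
    sl.is_expiration_checked,      -- 1 = "Enforce Password Expiration" is on
    -- A password set before enforcement was turned on is only evaluated
    -- against the policy the next time it is changed.
    LOGINPROPERTY(sl.name, 'PasswordLastSetTime')  AS password_last_set,
    LOGINPROPERTY(sl.name, 'DaysUntilExpiration')  AS days_until_expiration,
    CASE
        -- SQL Server does not allow expiration without policy, so a login
        -- with policy off always has expiration off as well.
        WHEN sl.is_policy_checked = 0
            THEN 'policy and expiration not enforced'
        ELSE 'expiration not enforced'
    END                                            AS finding
FROM sys.sql_logins AS sl
WHERE sl.name NOT LIKE '##%'       -- skip SQL Server's internal ##...## logins
  AND (sl.is_policy_checked = 0 OR sl.is_expiration_checked = 0)
ORDER BY sl.is_disabled, sl.create_date;
```

The query needs permission to view other logins' metadata on the instance; an empty result means every listed SQL login already follows the server's password policy and expiration settings.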