R129. Validate previous passwords

Requirement

The system must not allow password changes for a user if the new password matches one of the previous 5 passwords for the same user.

References

  1. PCI DSS v3.2.1 - Requirement 8.2.5 Do not allow an individual to submit a new password/passphrase that is the same as any of the last four passwords/passphrases he or she has used.

Copyright © 2020 Fluid Attacks, We hack your software. All rights reserved.

Service status - Terms of Use - Privacy Policy - Cookie Policy