From LedHed's Wiki
Jump to: navigation, search

Overview

This article illustrates how to implement PCI DSS v3 Section 8.2 via Windows Group Policy.

Settings

The only 8.2 requirements that can be set via group policy are Sections: 8.2.3, 8.2.4, 8.2.5. See the image below.
PCIDSS PasswordPolicy.png

Note: When you enable "Maximum password age" Group Policy requires "Minimum password age" be enabled, this is not a PCI requirement, but rather a dependency imposed by Microsoft.


Reference

PCI DSS Quick Reference

https://www.pcisecuritystandards.org/documents/PCI_DSS_v3.pdf