Announcement

Collapse
No announcement yet.

Forced Admin Password Change

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • warrisr
    replied
    Hopefully to PCI standard will be updated to use the current recommendation to not force password changes for no specific reason.

    We do use LastPass. However, the 3dCart admin password change process does not always work well with LastPass and can get very confusing for our employees when things go wrong. As a result, every 90 days I usually end up resetting everyone's password and walking them through the process of updating their 3dCart and LastPass accounts with a new password.

    Leave a comment:


  • GonzaloGil
    replied
    I believe the changes are more about when to re-authenticate, the PCI 3.2.1 standards remain in place and requires password change every 90 days.
    I recommend you install LastPass, which works on your browser/phone if you have not yet, it makes the whole process a lot easier, and remains secure as the database of passwords is encrypted on your device.

    Leave a comment:


  • warrisr
    started a topic Forced Admin Password Change

    Forced Admin Password Change

    Now that NIST has finally come to their senses and dropped the recommendation to force periodic password changes, any chance that 3dCart will drop it as well?

    https://www.riskcontrolstrategies.co...delines-wrong/
Working...
X