epode Posted October 2, 2012 Share Posted October 2, 2012 Hi, We're a web host provider, we use WHMCS v5.0.3, we don't store any card information and we're looking for PCI compliance. We're failling because PCI compliance asks that when a user signs up for a new user account, the password is automatically created for them. Is there any way WHMCS can do this currently? Or can the new version of WHMCS (v5.1.2) do this? (I couldn't see it in the changelog) Or is it planned for a future version? Anyone wiser than us on this topic? Thanks. 0 Quote Link to comment Share on other sites More sharing options...
epode Posted October 2, 2012 Author Share Posted October 2, 2012 Actually, we're failing on a number of password related questions that we're not certain how to overcome with WHMCS ... 1 - Are first-time and reset passwords set to a unique value for each user, and must each user change their password immediately after the first use? 2 - Are user passwords changed at least every 90 days? 3 - Must passwords contain both numeric and alphabetic characters? 4 - Must an individual submit a new password that is different from any of the last four passwords he or she has used? 5 - Are repeated access attempts limited by locking out the user ID after no more than six attempts? 0 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.