Jamie Anderson

icon location Dublin, Ireland icon location Experienced developer now focussing on InfoSec. Code here is personal projects. || Note for recruiters: please do not email me with job offers

Results 2 comments of Jamie Anderson

Should we submit websites that have password reuse rules?

It's a PCI DSS requirement that you cannot reuse any of your last 4 passwords (section 8.2.5). Banks and other sites that provide financial services will need to conform with...

Should we submit websites that have password reuse rules?

While the points under section 8.2 are only supposed to apply to non-consumer accounts, it's common for auditors to overlook this. I've encountered 3 separate PCI auditors who have applied...