FAQ #1253 Diff
Does hashing of passwords meet the intent of PCI DSS requirement 8.4?
Earlier Version
Later Version
Removed
Added
Using a strong hashing algorithmcryptography to hash the password meets the intent of the PCI DSS requirementRequirement 8.4,8.2.1, which is to prevent unintentional disclosure of the passwords throughduring suchtransmission meansover asthe network sniffing.or during storage.
Please refer to the PCI DSS and PA-DSS Glossary of Terms, Abbreviations, and Acronyms for additional information on hashing.
(Note: PCI DSS Requirement numbers refer to PCI DSS version 3)
Please refer to the PCI DSS and PA-DSS Glossary of Terms, Abbreviations, and Acronyms for additional information on hashing.
(Note: PCI DSS Requirement numbers refer to PCI DSS version 3)
Disclaimer: This FAQ has been processed for display on this website and may contain errors. Please check the original FAQ on the PCI SSC website for the authoritative version.