req_8Level 1

Requirement 8 - Identify Users and Authenticate Access to System Components

Requirement 8 of PCI DSS v4.0 mandates that entities uniquely identify each individual who accesses cardholder data environments and enforce strong authentication methods for all system components, ensuring that only authorized users can log in, and that credentials are protected, rotated, and revoked promptly when access is no longer needed.

GET/api/v1/systems/reg_pci_dss/nodes/req_8

Manual TranscriptionProprietary (PCI SSC)Source

Hierarchy Explorer

Hierarchy ExplorerChevron to expand - click title to open

req_8_38.3 - Strong Authentication for Users and Administrators

req_8_48.4 - Multi-Factor Authentication (MFA) Implemented

Cross-system equivalences0

No cross-system equivalences mapped for this node.

Report a data issue