PCI Security

Location

SETTINGS > Security

Purpose

RentWorks allows you to define how passwords are created and maintained, but also verifies that they are PCI Compliant.

Note: you will only be able to access this screen if your employee ID is in the PCI Admins Employee Group.

Fields

Credit Card Number Masking - Enter the number of beginning and ending digits that you want to display from credit card numbers. All numbers in-between will be masked with “X.”

Keep PANs for ___ days - Enter the number of days to retain the Primary Account Number (the primary credit card number associated with the account) within your database. The maximum value is 365 (one year).

Password Policy

Minimum Password Length - Passwords must contain at least the number of characters indicated here.

Password History - Limits reuse of previous passwords. A password cannot be reused until other passwords equal to the number set here have been used.

Password expires after - Passwords expire and must be changed after the number of days set here.

Allow Login tries - If users unsuccessfully try to log in the number of times set here, they are locked out of RentWorks and must be admitted back in. You may automatically unlock the user after a set number of minutes, or set 0 minutes, which will require a supervisor to unlock the user.

Require ___ of the following character types - Requiring a number set combination of lowercase, uppercase, special characters and numbers makes passwords more complex and more difficult to guess.

Password allowed to match username - Using a person’s username is permitted if this box is checked. Although using a username as a password makes the password easy to remember, it is also less secure because it may be easily guessed.