Our website is currently getting an overhaul. Something not working correctly?  Let us know!

PCI DSS compliance


8.5 Groups, shared and functional accounts

8.5 Generic and shared accounts

To ensure accountability, the usage of generic and shared accounts should be reduced to a minimum. Or even better, used at all. This PCI DSS control describes the requirements to disable generic accounts. For shared accounts, they should only be used for non-critical activities. When it comes to system administrator or any other high level activity, it should only be possible with an authorized and individual account.