What are the Password Requirements for PCI Compliance?

PCI-DSS compliance requires every individual user have a strong password. In addition to a strong password, the user must change their password every 90 days.

The requirements for a strong password are:


  • Must be at least seven characters long
  • Must contain at least one upper case letter
  • Must contain at least one lower case letter
  • Must contain at least one number
  • Must contain at least one special character such as #, !, ?, ^, or @.
  • Cannot contain the User ID
  • Must expire every 90 days
  • Must be different from previous passwords
 Note: Some special characters should be avoided as they may not work across all Limo Anywhere modules such as LA Local. Those are * (asterisks), % (percentage), & (ampersand), + (plus), and a space(space bar).

Limo Anywhere is PCI-DSS Certified as of November 2014. 
Have more questions? Submit a request


Article is closed for comments.