For first-time use and password resets, what must be done with the credentials?

Multiple Choice

For first-time use and password resets, what must be done with the credentials?

Explanation:
Handling credentials for first-time use or after a reset is about secure provisioning. The best practice is to give each user a unique temporary value and force a password change on first login. This prevents a single shared value from granting access to many accounts, and it ensures the user creates a password that only they know. Forcing the change right after first use closes the window where someone could exploit a known temporary credential and aligns with strong authentication controls. Using a common temporary password for all users or not requiring a change after first use leaves accounts vulnerable to compromise, and keeping the password unchanged after a reset repeats the same risk.

