# How to configure and resolve workflow checks for maintaining password policy for critical systems

Per the PCI-DSS data security framework, a robust password policy is required to maintain secure access to critical systems containing Cardholder Details (CHD). The following outlines the specific password requirements mandated by PCI-DSS:

* Require Uppercase Characters: Ensure at least one uppercase character is included in the password. (Default = true)
* Require Lowercase Characters: Mandate at least one lowercase character in the password. (Default = true)
* Require Numbers: Enforce the inclusion of at least one numerical digit in the password. (Default = true)
* Minimum Password Length: Set the minimum length for passwords. (Default = 7 or longer)
* Password Reuse Prevention: Specify the number of unique passwords before permitting reuse. (Default = 4)
* Max Password Age: Define the number of days before a password expires. (Default = 90)

### Before You Begin <a href="#before-you-begin" id="before-you-begin"></a>

* Log in on Sprinto as administrator.

### Configuring Workflow Check <a href="#configuring-workflow-check" id="configuring-workflow-check"></a>

1. Go to Data Library > Workflow Checks.
2. Click on Create Check > Single workflow check.
3. Locate Password Policy for Critical Systems Holding CHD in the workflow checklist and click Enable.

   <figure><img src="https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/72079097324/original/XYG9SWIkTdnQeugcKNx2iCbhKyQeaBLrxg.png?1703508917" alt="" width="563"><figcaption></figcaption></figure>
4. On the Add Workflow Check page, click Edit to adjust the check frequency and assign personnel or configure an evidence reviewer if necessary.\
   &#x20;**Note**: The default frequency for the workflow check is every six months. You can customize the frequency as per your requirements.
5. Click Enable.[<br>](https://prod-files-secure.s3.us-west-2.amazonaws.com/f23d1d57-24f7-4d0f-ab01-646c77683298/0bb9da33-7c41-41a3-867e-55785ed9af7f/Untitled.png)

   <figure><img src="https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/72079097358/original/DptV8P7CdPbwQTWw4YykftaLFO8FHqFYiQ.png?1703509014" alt="" width="375"><figcaption></figcaption></figure>

### Resolving Check <a href="#resolving-check" id="resolving-check"></a>

Once the check is activated, it will be in a "Due/Critical/Failing" status. To successfully pass the check, relevant evidence must be uploaded, and the status will be updated to "Passing."

Evidence: Upload a screenshot of the password policy ensuring the secure management of passwords for critical systems containing CHD.

1. Log in to the Sprinto Admin portal and go to Data Library > Workflow Checks > Active.
2. Select the Password Policy for Critical Systems Holding CHD check.
3. Click Upload Evidence.
4. Choose the Evidence Record Date and opt for either the File or Link attachment option.
   * File: Upload the file from your computer.
   * Link: If the evidence is stored online, provide the shareable link.
5. Click Finish.

   <figure><img src="https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/72079097403/original/IF8I9XFQqz1REU9wtI7cPmyMCi-VdZhQRA.png?1703509060" alt="" width="375"><figcaption></figcaption></figure>