8.5.2 Examine password procedures and observe security personnel to verify that, if a user requests a password reset by phone, email, web, or other non-face-to-face method, the user’s identity is verified before the password is reset
[PCI DSS 1.x] 8.5.2 Verify user identity before performing password resets
[READ-ONLY] Archives
[RETIRED] PCI DSS v.1.x Questions and Answers
Implement Strong Access Control Measures