PCI-DSS Compliant User Management


We would like to implement Piwik in our hosting environment but we need to avoid any issues with PCI-DSS compliance.
The user management of Piwik doesn’t enforce some policies that PCI-DSS see as minimum.

Is there a chance to get over this? Are there any configuration that I can enable so Piwik starts having password policy rules. (like minimum length, auto expiration, minimum characters to be included etc.)

Best regards

Hi @gkaya

We wlil be happy to make improvements to Piwik to meet your requirements. Contact us at: Development for Piwik - Analytics Platform - Matomo