PHPackages                             aligent/magento2-pci-4-compatibility - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. aligent/magento2-pci-4-compatibility

ActiveMagento2-module[Security](/categories/security)

aligent/magento2-pci-4-compatibility
====================================

Provide compatibility with PCI DSS 4.0 requirements

1.4.2(1w ago)2846.7k↑27.5%2[2 issues](https://github.com/aligent/magento2-pci-4-compatibility/issues)MITPHPPHP ^8.1.0||^8.2.0||^8.3.0||^8.4.0||^8.5.0

Since Jan 5Pushed 1w ago12 watchersCompare

[ Source](https://github.com/aligent/magento2-pci-4-compatibility)[ Packagist](https://packagist.org/packages/aligent/magento2-pci-4-compatibility)[ RSS](/packages/aligent-magento2-pci-4-compatibility/feed)WikiDiscussions main Synced 3d ago

READMEChangelog (10)DependenciesVersions (24)Used By (0)

Magento 2 PCI DSS 4.0 Compatibility
===================================

[](#magento-2-pci-dss-40-compatibility)

A Magento 2 module to bring the use of admin accounts in-line with the [PCI DSS 4.0 requirements](https://east.pcisecuritystandards.org/document_library?category=pcidss&document=pci_dss), with changes covering the following requirements:

- 8.2.6
    - Inactive user accounts are removed or disabled within 90 days of inactivity
- 8.2.8
    - If a user session has been idle for more than 15 minutes, the user is required to re-authenticate to re-activate the terminal or session.
- 8.3.4
    - Invalid authentication attempts are limited by:
        - Locking out the user ID after not more than 10 attempts.
        - Setting the lockout duration to a minimum of 30 minutes or until the user’s identity is confirmed.
- 8.3.6
    - If passwords/passphrases are used as authentication factors to meet Requirement 8.3.1, they meet the following minimum level of complexity:
        - A minimum length of 12 characters (or IF the system does not support 12 characters, a minimum length of eight characters).
        - Contain both numeric and alphabetic characters

The changes invovled for each requirement are as follows:

- 8.2.6
    - A new cron job (scheduled once per day) will automatically make any account that has not logged in for 90 days inactive
- 8.2.8
    - The configuration setting in admin for idle timeout has been modified to only accept values less than or equal to 900 seconds (15 minutes).
- 8.3.4
    - The configuration setting in admin for the number of incorrect login attempts before an account is locked has been modified to only accept values less than or equal to 10.
    - The configuration setting in admin for the time an account is locked for has been modified to only accept values greater than or equal to 30.
- 8.3.6
    - The minimum number of characters a password must have has been increased from 7 to 12.

Installation
------------

[](#installation)

```
composer require aligent/magento2-pci-4-compatibility
bin/magento module:enable Aligent_Pci4Compatibility
bin/magento setup:upgrade
```

###  Health Score

59

—

FairBetter than 98% of packages

Maintenance97

Actively maintained with recent releases

Popularity41

Moderate usage in the ecosystem

Community17

Small or concentrated contributor base

Maturity66

Established project with proven stability

 Bus Factor1

Top contributor holds 85.9% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~53 days

Recently: every ~61 days

Total

11

Last Release

10d ago

PHP version history (4 changes)1.0.0PHP ^8.2.0|^8.3.0

1.1.0PHP ^8.1.0|^8.2.0|^8.3.0

1.2.0PHP ^8.1.0|^8.2.0|^8.3.0|^8.4.0

1.4.2PHP ^8.1.0||^8.2.0||^8.3.0||^8.4.0||^8.5.0

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/1459952?v=4)[Aligent](/maintainers/aligent)[@aligent](https://github.com/aligent)

---

Top Contributors

[![aligent-lturner](https://avatars.githubusercontent.com/u/40189797?v=4)](https://github.com/aligent-lturner "aligent-lturner (55 commits)")[![brettlaishley](https://avatars.githubusercontent.com/u/74162363?v=4)](https://github.com/brettlaishley "brettlaishley (5 commits)")[![quangdo-aligent](https://avatars.githubusercontent.com/u/37521032?v=4)](https://github.com/quangdo-aligent "quangdo-aligent (2 commits)")[![kraken-chris](https://avatars.githubusercontent.com/u/116098137?v=4)](https://github.com/kraken-chris "kraken-chris (1 commits)")[![nalin-perera-aligent](https://avatars.githubusercontent.com/u/199547708?v=4)](https://github.com/nalin-perera-aligent "nalin-perera-aligent (1 commits)")

---

Tags

magentomagento2pci-dsssecurity

### Embed Badge

![Health badge](/badges/aligent-magento2-pci-4-compatibility/health.svg)

```
[![Health](https://phpackages.com/badges/aligent-magento2-pci-4-compatibility/health.svg)](https://phpackages.com/packages/aligent-magento2-pci-4-compatibility)
```

###  Alternatives

[mews/purifier

Laravel 5/6/7/8/9/10 HtmlPurifier Package

2.0k18.7M143](/packages/mews-purifier)[paragonie/ecc

PHP Elliptic Curve Cryptography library

24820.0k38](/packages/paragonie-ecc)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
