1. No user has access to unencrypted credit card numbers
   2. We require a minimum password length of 6
   3. A prior password may never be reused
   4. There must be at least a 2 character difference between a new password and
      the last password
   5. Passwords must contain the following:
         1. At least one alphabetical character
         2. At least one numeric or special character. Special characters
            include: ` ~ ! @ # $ % ^ & * ) ; ' [ ] "{ }.
   6. Users are locked out for 30 minutes after 6 consecutive logins with
      incorrect passwords