Skip to Main Content
Sage 200 UKI Ideas Portal
Status Further Information Required
Created by Callum Middleton
Created on Apr 8, 2024

Password/MFA Policy - password age

Allow Administrators to ensure user passwords meet NIST guidelines and also enforce MFA.
Could the password policy be configurable or enforced as below by administrators?

  • Maximum password age: 60 Days

  • The Minimum Password Age should be set to 1 or more to ensure that the account password cannot be immediately changed after reset or selection of a new password, and is changed after 24 hrs.

Product Variant Sage 200 Standard, Sage for Education
  • Admin
    Jo Kirkup
    Reply
    |
    Apr 9, 2024

    Sage Account (Sage ID) is a central identification service we use across our product and service range.

    For Sage 200 Standard & Sage for Education its the login mechanism for the product. For Sage 200 Professional its used to connect services to the product.

    Due to the nature of Sage ID any changes have to be considered across the entire product range.

    In terms of the request for 60 day minimum password age - we will not be taking this idea forward.

    For the minimum password age should be set to 1, can you help us understand why you need this as a requirement. Users can change their passwords as they need and this includes twice per day.