Announcement!
This is a notification for product news or an alert. If you have a question, please start a new discussion

Sage 300 Advanced Complex Passwords

Introduction

Sage 300 passwords are becoming more complex, and the minimum size has increased!

Sage 300 prior to 2022.2 (April 2022)

  • A basic password must start with a character and can contain numbers.
  • A complex password follows the basic configuration and additionally must contain one special character and one number.
  • If the Require Minimum Password Length option is enabled, the minimum password length is 4 characters.

Sage 300 2022.2 (April 2022)

  • The UI has been modified to remove forcing of the entered password to upper case.
  • A basic password must start with a character and can contain numbers.
  • A complex password follows the basic configuration and additionally must contain one special character and one number.
  • A new option has been added to the Advanced Security Settings screen when the Require Complex Passwords option is selected.
    • The Increase Required Complexity option increases the password complexity.
      • The entered password will not be forced to upper case and will be validated as entered by the user (case sensitive)
      • The password follows the complex configuration and additionally must contain one lower case and one upper case character
    • If the Increase Required Complexity option is not enabled, the backend will force the entered password to upper case since the UI have removed the forcing of case on input.
  • If the Require Minimum Password Length option is enabled, the minimum password length is 8 characters.

Sage 300 2023 (August 2022)

  • The Increase Required Complexity option will be removed, and the increase complexity as described above will become the default complex password behavior.

ISV / Third-Party Modifications Required

If an ISV or third-party application/integration prompts for Sage 300 credentials outside of the Sage 300’s screens, the code is most likely forcing the entered password to upper case prior to submitting for validation.

Sage 300, starting with the 2022.2 (April 2022) release, has modified our UIs to not force upper case of the password input and ISV’s / third parties will need to modify their credential screens (if any) accordingly.

Note: This is not required for Sage 300 2022.2 if the Increase Required Complexity option is not enabled. However, it will be required for Sage 300 2023 since this becomes the default behavior for password complexity.

Summary

Sage 300 passwords are becoming more complex. Sage 300 2022.2 introduces the optional Increase Required Complexity option and increases the minimum length to 8 characters, and Sage 300 2023 will make this new option the required default behavior.

As a standard disclaimer, any topic in this article is subject to review and doesn’t represent a commitment as to when it will be available.