AnsweredAssumed Answered

PCI Compliance

Question asked by Kenneth Brill on Jan 9, 2020

I am a little disappointed that in 2019 this isn't addressed in core code yet but before I open up PHPStorm I thought I'd ask if anyone has addressed any of these items yet


- Users can reuse previous passwords, so even if I force it they can just enter the previous password every time.
- We need them not to be able to use the previous 3 passwords.
- For Portal logins there seem to be NO controls. I cant set a timeout, a pattern or a length


the related bugs are

SugarCRM 55994  (from 2012)

SugarCRM 75243 (from 2015)