Recently, we posted a link to a blog written by Stephen Smith about Sage ERP Accpac 6.0 security. We thought it was worth emphasizing one of the points in his post that stood out to us.
In new web portal in Sage Accpac 6.0 honors the security settings, set from the Security button in Database Setup. Stephen suggests that these be set according to the screen shot below.
He argues that the most important setting is to disable a user account after x failed password attempts to prevent automated programs from being able to try every possible password and eventually guessing the correct one. Using the settings below, an automated program can only try 3 passwords every 30 minutes which will usually get a hacker to move on to find a less secure site to try to hack.