Page 1 of 1
Merchant Password Max Age
Posted: Mon Apr 19, 2010 9:36 am
by dc8johnson
The admin interface restricts the merchant password max age to a number between 1 and 90. Is there a way to change this? It looks like we could remove the check from the user control but I'm not sure that would make any difference.
We manually changed the MerchantPasswordMaxAge value in the ac_StoreSettings to both 9999 and 120 and the password still expired when 90 days was hit.
Any thoughts?
Thanks
Re: Merchant Password Max Age
Posted: Mon Apr 19, 2010 10:25 am
by mazhar
If this is so then it seems that we are enforcing 90 days in code as maximum possible age value. It may be due to some requirement of PCI Compliance.
Re: Merchant Password Max Age
Posted: Mon Apr 19, 2010 10:43 am
by dc8johnson
Mazhar,
PCI compliance - that would make sense. Would you be able to check to see if the maximum value is enforced in the code? Since the system does allow other PCI compliance features to be turned off (like storing credit cards), my customer would like the option of overriding the max value.
Thanks,
Re: Merchant Password Max Age
Posted: Mon Apr 19, 2010 10:50 am
by mazhar
what is your AbleCommerce version?
Re: Merchant Password Max Age
Posted: Mon Apr 19, 2010 12:36 pm
by dc8johnson
The AC I was testing with is still 7.0.3. We'll be upgrading it later this week.
Re: Merchant Password Max Age
Posted: Thu Apr 29, 2010 10:26 am
by dc8johnson
It looks like this feature has been updated in 7.0.4 and you can now set the merchant maximum password age to 0 (unlimited.
Thanks,