The admin interface restricts the merchant password max age to a number between 1 and 90. Is there a way to change this? It looks like we could remove the check from the user control but I'm not sure that would make any difference.
We manually changed the MerchantPasswordMaxAge value in the ac_StoreSettings to both 9999 and 120 and the password still expired when 90 days was hit.
Any thoughts?
Thanks
Merchant Password Max Age
-
- Lieutenant Commander (LCDR)
- Posts: 87
- Joined: Fri Nov 20, 2009 8:46 am
Merchant Password Max Age
David Johnson
Re: Merchant Password Max Age
If this is so then it seems that we are enforcing 90 days in code as maximum possible age value. It may be due to some requirement of PCI Compliance.
-
- Lieutenant Commander (LCDR)
- Posts: 87
- Joined: Fri Nov 20, 2009 8:46 am
Re: Merchant Password Max Age
Mazhar,
PCI compliance - that would make sense. Would you be able to check to see if the maximum value is enforced in the code? Since the system does allow other PCI compliance features to be turned off (like storing credit cards), my customer would like the option of overriding the max value.
Thanks,
PCI compliance - that would make sense. Would you be able to check to see if the maximum value is enforced in the code? Since the system does allow other PCI compliance features to be turned off (like storing credit cards), my customer would like the option of overriding the max value.
Thanks,
David Johnson
Re: Merchant Password Max Age
what is your AbleCommerce version?
-
- Lieutenant Commander (LCDR)
- Posts: 87
- Joined: Fri Nov 20, 2009 8:46 am
Re: Merchant Password Max Age
The AC I was testing with is still 7.0.3. We'll be upgrading it later this week.
David Johnson
-
- Lieutenant Commander (LCDR)
- Posts: 87
- Joined: Fri Nov 20, 2009 8:46 am
Re: Merchant Password Max Age
It looks like this feature has been updated in 7.0.4 and you can now set the merchant maximum password age to 0 (unlimited.
Thanks,
Thanks,
David Johnson