How to Configure Strong Password Policies in Sage X3 V12 P16

By: | Category: ERP

Security is at the forefront for all organizations today. Sage X3 has ability to integrate credentials to both SAML2 and LDAP. However, starting with version 12 patch 16, Sage added a password policy functionality native to Sage X3 which allows the X3 administrator to enforce strong passwords when you are not using LDAP or SAML2.

We recommend combining the below with a review of your users and their security groups in Sage X3.

Please note that this is done on the Syracuse layer of the application, so it would apply to all folders of a single Sage X3 environment. Proper backup of the solution prior to making that change is highly recommended.

Also, consider making some of these changes during off-hours.


The way to implement would include the following steps and coordination for deployment:

  1. Setup of a policy
    • There is a default policy you can use
  2. Upload blacklisted passwords
    • If you want to prevent users from using a set of known passwords in the company, you can upload a blacklist of any passwords which would meet the general rule but remain weak.
      For instance Password@12345 would meet the below policy yet remain weak in terms of security:
  3. Apply the policy in the global settings
  4. Determine which users require password changes and which do not

NOTE: Requiring password changes needs to be done one user at a time.

Once configured, you should communicate the password policy to all affected users before deploying the enforcement.

If you are interested in Net at Work deploying this solution with your team, please contact your Account Manager or your Team Manager for more information.