Hi
The company I work for recently listed on one of the American stock exchanges and thus needs to comply with SOX.
The consultancy employed to audit compliance is saying "we" need to enforce password complexity on sql logins.
I found Article number 000012252 in the knowledge base that says OpenEdge does not enforce password complexity on version < 10.X.
We are currently running 11.7.2. So I was wondering if anything has changed regards to password complexity in version 11+ ?
Cheers
Craig.
Hi Craig,
OpenEdge sql does not itself enforce password complexity in any of tue 10.*/11.*/12.* releases. There are no plans for password complexity enforcement in future releases.
One of our Product Management team, Rob Straight, described the OE policy this way, in a past Community posting:
--------------------------------
Password management is outside the scope of OpenEdge, especially as there are many vendors who currently offer complete solutions. We advise using one of these vendors in conjunction with the OpenEdge Authentication Gateway (bundled with Progress Application Server for OpenEdge or available stand-alone) for comprehensive user authentication and access control to your OpenEdge environment.
------------------------------------
Hope this helps, ....steve pittman [OE sql software architect]