Have been asked by client's IT since they observed there is a blank blacklist file in SAGE password policy.
For `SAGE` password policy, possible for Syracuse by default to be preloaded with a common password file like from: https://www.ncsc.gov.uk/blog-post/passwords-passwords-everywhere
Moving the client to OAuth2 authentication is in the works, but for now, the client is fine with Sage internal basic authentication to get the Sage X3 up and to get workers' rapport by having to remember yet another obnoxious password for a system.
Chun Heng Lee
