We install 2020 R1 and ran into a security issue with the release.
Users did not have to enter passwords to enter the site, also they could enter anyone’s id in the user field and get in as that person.
Acumatica has a suggestion about turning off the “Guest Account” in AD. They also have produced a Hot Fix for us that we are implementing 106.0010.
Anyone using Windows AD in 2020 Rx, may want to check out if they have a similar issue. Then if so get together with your VAR to address it.