Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Profile Parameter required

Former Member

‎06-23-2010 7:10 AM

0 Kudos

One of our new password policy's requirement is to have

" The new password may have no more than 1 pair(s) of repeating

characters"

Could anyone please provide me the profile parameter by which we can set this rule?

I had given some examples for the same in attached doc.

8 REPLIES 8

Bernhard_SAP
Advisor
Advisor

‎06-23-2010 7:31 AM

0 Kudos

Hi,

there is none for this requirement.

b.rgds, Bernhard

mvoros
Active Contributor

‎06-23-2010 7:33 AM

0 Kudos

Hi,

unfortunately, I don't think you can achieve this with profile parameters. You can see all profile parameters which you can use to define password policy in RZ11 if you search for login/pass. I don't know user exit which you might use to perform your own checks but maybe you can try with enhacement framework. Don't forget that password can be changed on various places.

I'm just wondering how you got this requirement?

Cheers

Former Member

‎06-23-2010 7:46 AM

0 Kudos

hi malay

check out the link for all the logon and password parameters

http://help.sap.com/saphelp_470/helpdata/en/22/41c43ac23cef2fe10000000a114084/content.htm

hope this will help.

take care.

nate

Former Member
In response to Former Member

‎06-23-2010 8:52 AM

0 Kudos

Hi,

A possibility is table usr40. If you want to prevent aa in the passwords then make an entrance in usr40 *aa* . It is more work than a parameter but it should work.

have fun

Bye

jan van Roest

Edited by: Julius Bussche on Jun 23, 2010 9:39 PM

Fixed the formattting using { n o f o r m a t } markups.

Former Member
In response to Former Member

‎06-23-2010 8:58 AM

0 Kudos

Hi,

I did typed a "*" around the aa but for one reason the letters got bold instead, so put astrics infront and at the end of the combination.

Bye

Jan van Roest

Former Member
In response to Former Member

‎06-23-2010 8:45 PM

0 Kudos

I fixed the formatting for you.

Back to topic: which pair are you going to permit as the strange requirement says that 1 is allowed?

Cheers,

Julius

Former Member
In response to Former Member

‎06-27-2010 8:47 PM

0 Kudos

Hi Julius,

I think the only option to do something with password is usr40, beside the login params and table prgn_cust. The nearest thing to the question is usr40. it is up to the creator of the thread to do someting or not with it.

Have fun

Bye jan van Roest

Former Member
In response to Former Member

‎06-27-2010 9:04 PM

0 Kudos

Hi Jan,

The new password mechanisms allow you to use "pass-phrases" in stead of "passwords". Too many entries in USR40 only weaken the password by excluding patterns for a dictionary attack.

For example, you can now use a pass-phrase such as:

"This passw0rd is easy to guess!"

or

"Do keep the kitch3n clean?"

or

"1 2 3 4...Goalllllllll!!!!!!!!!!"

If all words with paîrs of ASCII characters or patterns were forbidden, then the pass-phrase is weakened.

Rather throw in a special character and a digit and train the users to use pass-phrases. This can be hard though with folks who have been around for a long time and have a mental block at the 8th character of the SAPGui logon screen. I count myself to that league as well

In my opinion only company names, SID's, months and seasons are still usefull in USR40, along with swearwords...

Cheers,

Julius