09-20-2010 10:53 AM
Good afternoon everybody.
I need your assistance.
My system is SAP ECC 6.0
I want to use the default password generator of SU01.
I have already configured the settings from "Note 1482619 - PRGN_CUST: Switches are missing from value help".
I have a lot of exceptions in the table USR40, and the password generator does not look at this table.
How do I make it so that the generator does not create passwords that are in USR40?
09-20-2010 11:38 AM
Hi,
As administrators are allowed to set passwords in SU01 which are contained in USR40, the generator does not care about USR40.
b.rgds, Bernhard
09-20-2010 12:08 PM
09-20-2010 9:22 PM
USR40 is actually a pest.
It was originally intended to define permitted characters for the logon routines to validate input (for example, no 'apostrophes').
Now it rejects values, and the same folks who misunderstood the initial intention seem to want to add all dictionary words to it.
This will confuse your users to no end!
My recommendation:
- Add 1 or even 2 special characters to the rules.
- Add one or better 2 digits.
- Add 10 as the minimum length of the password.
- Lock the password after 5 failed attempts.
Consequence: They can still use patterns such as "$123" and "init" and some city names or seasons, but it cannot easily be scripted or guessed without the user noticing it (if they are not idle).
I completely agree with SAP that they ignore USR40 when the admin sets a password, but on the customer side a useful feature would be to force the wizard for them (user-type dependent and optional in config).
Cheers,
Julius
09-21-2010 6:12 AM
Thanks Julius,
Yesterday I discussed the situation with management.
We are currently limited by the safety standards of our company:
- 1 special character.
- 5 digits.
- 10 as the minimum length of the password.
- Lock the password after five failed attempts.
And I began to configure SNC, for the complete elimination of passwords in the system.
In the future we will disable password logon; only system users will have a password.
I have one question: what are the risks of disabling password logon?