Password Rules ECC 6.0?

Former Member · ‎02-06-2007

Forgive me if this has been posted before, however, I have searched the forum and could not locate.

I am looking for succinct list of password rules for ECC 6.0. I find the on-line documentation in the SAP Library has at least two pieces of incorrect information (says maximum length is 8 - this is untrue under ECC 6.0, says password is not case sensitive also), therefore, I do not know whether the remainder is suspect. Or perhaps I am not looking in the right place in the SAP Library.

Can anyone assist?

WolfgangJanzen · ‎02-06-2007

Take a look on the <a href="http://help.sap.com/saphelp_nw2004s/helpdata/en/d2/141fb593c742b5aad8f272dd487b74/content.htm">Online Help for NW 2004s</a> - or on <a href="https://service.sap.com/sap/support/notes/862989">SAP Note 862989</a>.

<a href="https://service.sap.com/sap/support/notes/2467">SAP Note 2467</a> needs to be updated ... - I'll do so as soon as I find some time ...

Cheers, Wolfgang

Former Member · ‎02-07-2007

Hi Mary,

The new password rules are as follows:

Differentiation between upper and lower case i.e., The system distinguishes between upper and lower case in newly assigned passwords rules. Maximum length increased from eight to forty characters.

In newly-installed systems, this applies immediately to all users; in systems that have been upgraded to SAP NW AS ABAP 7.0 from an earlier release, we have ensured that all users can continue to log on using their old password. The user master record stores information about whether a user has a new password or a password of the old type; this information is analyzed when the system checks the password: if the user has a password of the old type, the system converts the first eight characters of the password into upper case; the remaining thirty-two characters must be spaces. New profile parameters:

login/min_password_lowercase

login/min_password_uppercase

Hope it helps.

Plz award points if it useful.

Regards

Santosh

WolfgangJanzen · ‎02-07-2007

In the next few days a new <a href="https://service.sap.com/sap/support/notes/1023437">SAP Note (1023437)</a> will be available (currently not released, yet). That note explains why problems may arise from using passwords that are not downwards compatible (i.e. which contain more than 8 characters <u>or</u> at least one lower-case character).

<u>Notice</u>: as of SAP NetWeaver 2004s (-> mySAP ERP 2005, ECC 6.0, ...) ABAP systems do no longer convert lower-case characters (as typed in by the user) to upper-case characters. Therefore, when passwords are changed (by the user) or set (by the admin) usually downwards-incompatible passwords will result (unless the user avoids to use lower-case characters).

Regards, Wolfgang

Former Member · ‎03-02-2007

Hello,

I just went to view SAP note 1023437 and it is in German. Can this be translated to English?

Regards,

Doug Helton

WolfgangJanzen · ‎03-02-2007

Thanks for notification - normally, the translation of new/updated notes is workflow-driven. I'll now manually trigger the translation of this note.

Wolfgang

Former Member · ‎04-27-2007

I am currently in the process of upgrading two systems..Production from 4.6C to ECC6.0 and HR 4.7C to ECC 6.0.

I have been reviewing the parameter setting and trying to locate the parameter that sets the logon screen to 8 characters or is this hard coded?

Former Member · ‎04-27-2007

I believe it is login/min_password_lng

You would want the user defined value to be 8, I suppose.

Former Member · ‎04-27-2007

Thank you...I already check this setting is set at 8 and the logon screen still showing the characters as 40..Is there another parameter?

Former Member · ‎04-27-2007

If you want the character maximum set to 8, I do not see a parameter that is obviously designed to do this.

You should post your question separately to draw some attention to it, someone will probably know the answer for certain.

WolfgangJanzen · ‎04-27-2007

It is not desired to limit the length of a password.

The password rules only define the minimum requirements; it should always be allowed for a user to choose an even more complex password (than demanded by the specified minimum requirements).

Regarding the logon screen:

The logon screen must allow all users to enter their password; some users might have chosen longer passwords than demanded by the current(!) password policy. Even if there would be a parameter which would allow to restrict the maximum length of a new(!) password that parameter must not have any influence on the logon screen - effecting passwords that have been chosen at a time where a different password policy was in place.

Cheers, Wolfgang

PS: regarding "generated passwords" see <a href="https://service.sap.com/sap/support/notes/915488">SAP Note 915488</a>