As already confirmed i too think this is no way possible to decode this password .. the security authentication converts it into a encrypted format and stores it safely...

Br,

Sri

Hi jennifer,

Nope it is not possible to decode a password. The only way is to ask your administrator to change the password.

Hope it helps.

Please award points if it is useful.

Thanks & Regards,

Santosh

What are your objectives for wanting to decrypt the passwords? There are probably other ways to achieve your objectives..?

-PS there is no way to decrypt passwords as the algorithm used only allows for one-way encryption. Even the SAP system is not able to do it. The SAP system can only determine that an entered password is correct by encrypting the entered password and comparing the encrypted hash to the stored hash. The system also has other controls over brute force password attacks.

I can give you a little bit of information but I can not tell you how to do it. In older versions, SAP encrypts its passwords in a modified MD5 encryption with part of the userID as a salt. The newer versions also use MD5 but they also support SHA-1 encryption. This is about all I can tell you. Hope this helps. You can also do a search on google and get bits of information. I have heard that someone has been able to decrypt the password and I am sure someone out their knows how.

Hi,

you can not decrypt or decode the password, as passwords in the SAP system are stored as a hash and a hash is a one way function only (independent whether this is MD5 or SHA-1). <a href="http://en.wikipedia.org/wiki/Hash_function">See wikipedia for more details about hashes</a>. So the system can only check whether the password is correct or not (the system will compute the hash value for the password you gave him and compare it with the stored one). For details about which method is used when, please have a look at

<a href="http://help.sap.com/saphelp_erp2005vp/helpdata/en/52/6717ed439b11d1896f0000e8322d00/frameset.htm">the online help</a>.

However you can crakc passwords, either by brute force, meaning just generating random passwords or based on a dictionary and then have the system try them. However this will take time and you need to develop something first to interact with the system.

Regards,

Patrick

There is no direct way to retrieve the password.

If you are using ECC or in a CUA environment, try using SCUL and run the report for the user making sure you choose all the possible changes made to the user. The password must be displayed in hex format [I think]. You could probably use a decoding algorithm to try retrieving the password.

Hope this helps