Application Development and Automation Discussions

Password generating & USR40?

Former Member
0 Likes
904

Good afternoon everybody.

I need your assistance.

My system is SAP ECC 6.0

I want to use the default password generator of SU01.

I have already configured the settings from "Note 1482619 - PRGN_CUST: Switches are missing from value help".

I have a lot of exceptions in the table USR40, and the password generator does not look at this table.

How do I make it so that the generator does not create passwords that are in USR40?

4 REPLIES 4

Bernhard_SAP
Product and Topic Expert
0 Likes
762

Hi,

As administrators are allowed to set passwords in SU01 which are contained in usr40, the generator does not care about usr40.

b.rgds, Bernhard


0 Likes
762

Thank you.

With best wishes,

Moiseev Artem


0 Likes
762

USR40 is actually a pest

It was originally intended to define permitted characters for the logon routines to validate (for example, no 'apostrophes') input.

Now it rejects values, and the same folks who misunderstood the initial intention seem to want to add all dictionary words to it.

This will confuse your users to no end!

My recommendation:

- Add 1 or even 2 special characters to the rules.

- Add one or better 2 digits.

- Add 10 as the minimum length of the password.

- Lock the password after 5 failed attempts.

Consequence: They can still use patterns such as "$123" and "init" and some city names or seasons, but it cannot easily be scripted or guessed without the user noticing it (if they are not idle).

I completely agree with SAP that they ignore USR40 when the admin sets a password, but on the customer side a useful feature would be to force the wizard for them (user type dependently and optional in config).

Cheers,

Julius
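The interplay discussed in this thread, as an added example that is not part of any post and is not SAP code: a standalone Python sketch that checks candidates against the recommended complexity rules (length 10, 2 digits, 1 special) and against USR40-style entries, and generates only passwords that pass both. The special-character set, the case-insensitive matching, the `?`/`*` wildcard handling as written here, and the sample entries are assumptions made for illustration.

```python
import re
import secrets
import string

SPECIALS = "!$%&/()=?*+#-_.,;:"   # assumed special-character set for this sketch

def usr40_to_regex(pattern):
    """Translate a USR40-style entry ('?' = one char, '*' = any run) to a regex."""
    parts = (".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern)
    # Assumption: entries are compared case-insensitively.
    return re.compile("".join(parts), re.IGNORECASE | re.DOTALL)

def violations(password, blocked, min_len=10, min_digits=2, min_specials=1):
    """Return the list of rules the candidate breaks (empty list = acceptable)."""
    found = []
    if len(password) < min_len:
        found.append("length")
    if sum(c.isdigit() for c in password) < min_digits:
        found.append("digits")
    if sum(c in SPECIALS for c in password) < min_specials:
        found.append("specials")
    found += ["blocked:" + p for p in blocked if usr40_to_regex(p).fullmatch(password)]
    return found

def generate(blocked, length=12, **policy):
    """Draw random candidates until one passes the complexity rules and the blocklist."""
    alphabet = string.ascii_letters + string.digits + SPECIALS
    for _ in range(10_000):
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not violations(candidate, blocked, **policy):
            return candidate
    raise RuntimeError("no acceptable password found; blocklist or policy too strict")

# Constructed sample entries, not taken from any real USR40 table.
SAMPLE_BLOCKED = ["*init*", "summer*", "pass????"]

if __name__ == "__main__":
    for pw in ["Init$12345", "summer2024!", "Kd7#pQ2m$xT"]:
        print(pw, violations(pw, SAMPLE_BLOCKED) or "ok")
    print(generate(SAMPLE_BLOCKED))
```

"Init$12345" satisfies every complexity rule and is caught only by the blocklist entry, which is the gap the original question is about.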


0 Likes
762

Thanks Julius,

Yesterday I discussed the situation with management.

We are currently limited by the safety standards of our company:

- 1 special character.

- 5 digits.

- 10 as the minimum length of the password.

- Lock the password after five failed attempts.

And I began to configure SNC, for the complete elimination of passwords in the system.

In the future, password logon will be disabled, and only system users will have a password.

There is one question:

What are the risks of disabling password logon?