Skip to Content

Password sharing using firefighter on HANA DB

We are on GRCFND_A-SP08, GRCPINW- 1200_750_SP8 version and trying to implement EAM on HANA DB. What I noticed is that while using the EAM process on HANA DB I am able to share the Firefighter password (I am not logging using password copied from clipboard) with user A and user A is able to login to HANA Studio or another WEBIDE session using the FF password which I shared.

Is there any way to mitigate it?

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

2 Answers

  • Posted on Jun 12, 2020 at 06:36 PM

    Hi Akash,

    You can set password expiry using parameter "HANA Firefighter Timeout" attribute (in seconds) to mitigate the risk of HANA DB Firefighter being misused.

    Navigate to Governance, Risk and Compliance -> Access Control -> Maintain Connector Settings. Select the HANA connector where you would like to set timeout then Click Assign Attributes to the Connector. Click on New Entries, select HANA Firefighter Timeout as Attribute Name and then type the desired timeout in seconds.

    Regards,

    Madhu


    hana-db-1.png (41.5 kB)
    Add a comment
    10|10000 characters needed characters exceeded

    • Hi Madhu,

      Thanks for your reply. Wanted to know how will the password misuse risk be mitigated by applying the said parameter as the name of the parameter indicates about timeout of the session but still the password could be shared.

      Regards,

      Akash Parekh

  • Posted on Jul 16, 2020 at 09:00 AM

    Did somone configure the HANA Disable Password (SAML) attribute?

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.