on 07-06-2006 10:37 AM
We don't want to allow the use of special characters and numbers in passwords and during password reset.
We use the portal database for user management. I've tried the settings ume.logon.security_policy.password_special_char_required and password_alpha_numeric_required but they only provide a minimum number of special characters or numbers. I've also tried to set the value of these settings to "-1" but that doesn't work.
Can anybody tell me how to prevent special characters and numbers?
Hi
Deafult it won't allow (i.e value = 0). If you want to enable, change the value to 1.
Check the value is 0 from here
Go to Visual admin>> services>> UME Provider >>
ume.logon.security_policy.password_alpha_numeric_required = (default) 0
ume.logon.security_policy.password_special_char_required = 0(default value)
Cheers
Jawahar Govindaraj
PS:Reward pts
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
The solution to set the password_policy won't help. These settings give a minimum number or required numers or special characters NOT a maximum. If I set e.g. value = 0 then minimal 0 numbers will be generated but there is no guarantee that there won't be any numbers in the password.
Up until now the only possible solution would be to start coding in Java, but this would be my last option. But if this is the only way, does any one has any experience with overriding the password generator?
/Hugo
Hi Hugo,
In UME confguration check the sttings for
#Password must contain x special chars (which are not contained in alpha numeric characters).
(Type: Number, Default: '0')
ume.logon.security_policy.password_special_char_required=0
Make sure it is set to 0
Regards
Luke
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Hugo,
Ya that is very much possible by 'Setting password controls'
You can prevent users from choosing passwords that you do not want to allow. To prohibit the use of a password, enter it in table USR40. You can maintain table USR40 with Transaction SM30.
In USR40, you can specify impermissible passwords generically if you want. There are two wildcard characters:
? stands for a single character
stands for a sequence of any combination characters of any length.
123* in table USR40 prohibits any password that begins with the sequence "123."
123 prohibits any password that contains the sequence "123."
AB? prohibits all passwords that begin with "AB" and have one additional character: "ABA", "ABB", "ABC" and so on.
Kindly check this link for generated passwords
<a href="http://help.sap.com/saphelp_erp2005/helpdata/en/cc/4a0ff78271bb4399c80e659466f828/content.htm">http://help.sap.com/saphelp_erp2005/helpdata/en/cc/4a0ff78271bb4399c80e659466f828/content.htm</a>
Hope this helps..
Kindly reward points if u find it useful..
Warm Regards,
Sharadha
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Sharadha,
Thanks for your quick answer! I think I can use this if i can specify multiple rules like 1 0 2 etc.
However I cant find the table, since I only have a portal installed on MSSQL. My user management is done in the portal db.
Can you tell me which table to use then? Or am I on a wrong track here
Thanx
Hugo
User | Count |
---|---|
83 | |
10 | |
10 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.