cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Password must not contain numbers and special characters

Former Member

on ‎07-06-2006 10:37 AM

0 Kudos

We don't want to allow the use of special characters and numbers in passwords and during password reset.

We use the portal database for user management. I've tried the settings ume.logon.security_policy.password_special_char_required and password_alpha_numeric_required but they only provide a minimum number of special characters or numbers. I've also tried to set the value of these settings to "-1" but that doesn't work.

Can anybody tell me how to prevent special characters and numbers?

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

former_member192029
Active Contributor
‎07-10-2006 2:19 PM
0 Kudos

Hi

Deafult it won't allow (i.e value = 0). If you want to enable, change the value to 1.

Check the value is 0 from here

Go to Visual admin>> services>> UME Provider >>

ume.logon.security_policy.password_alpha_numeric_required = (default) 0

ume.logon.security_policy.password_special_char_required = 0(default value)

Cheers

Jawahar Govindaraj

PS:Reward pts

Show replies
Show replies
Former Member
‎07-11-2006 12:42 PM
0 Kudos

The solution to set the password_policy won't help. These settings give a minimum number or required numers or special characters NOT a maximum. If I set e.g. value = 0 then minimal 0 numbers will be generated but there is no guarantee that there won't be any numbers in the password.

Up until now the only possible solution would be to start coding in Java, but this would be my last option. But if this is the only way, does any one has any experience with overriding the password generator?

/Hugo

Former Member
‎07-10-2006 1:18 PM
0 Kudos

Hi Hugo,

In UME confguration check the sttings for

#Password must contain x special chars (which are not contained in alpha numeric characters).

  1. (Type: Number, Default: '0')

ume.logon.security_policy.password_special_char_required=0

Make sure it is set to 0

Regards

Luke

Show replies
Show replies
Sharadha1
Active Contributor
‎07-06-2006 10:56 AM
0 Kudos

Hi Hugo,

Ya that is very much possible by 'Setting password controls'

You can prevent users from choosing passwords that you do not want to allow. To prohibit the use of a password, enter it in table USR40. You can maintain table USR40 with Transaction SM30.

In USR40, you can specify impermissible passwords generically if you want. There are two wildcard characters:

? stands for a single character

  • stands for a sequence of any combination characters of any length.

123* in table USR40 prohibits any password that begins with the sequence "123."

123 prohibits any password that contains the sequence "123."

AB? prohibits all passwords that begin with "AB" and have one additional character: "ABA", "ABB", "ABC" and so on.

Kindly check this link for generated passwords

<a href="http://help.sap.com/saphelp_erp2005/helpdata/en/cc/4a0ff78271bb4399c80e659466f828/content.htm">http://help.sap.com/saphelp_erp2005/helpdata/en/cc/4a0ff78271bb4399c80e659466f828/content.htm</a>

Hope this helps..

Kindly reward points if u find it useful..

Warm Regards,

Sharadha

Show replies
Show replies
Former Member
‎07-06-2006 11:10 AM
0 Kudos

Hi Sharadha,

Thanks for your quick answer! I think I can use this if i can specify multiple rules like 1 0 2 etc.

However I cant find the table, since I only have a portal installed on MSSQL. My user management is done in the portal db.

Can you tell me which table to use then? Or am I on a wrong track here

Thanx

Hugo

former_member110461
Active Contributor
‎07-06-2006 1:31 PM
0 Kudos

Hugo,

Unfortunately Sharadha is getting confused with the ABAP user management, where USR40 exists. Unfortunately it does not exist in the java stack. As for an answer to your original question... I haven't got one I'm afraid.

Paul

Former Member
‎07-10-2006 12:17 PM
0 Kudos

Sharadha,

If this is purely on portal end, you will have to do a client side validation in the create user screen.

Regards,

Rukmani

Ask a Question