Skip to Content

Sapgui 7.50 - Is it possible to save passwords in Logon shortcuts?

Hello,

I just tried Gui 7.50 - PL2 - it seems that registry entry
HKEY_CURRENT_USER\Software\SAP\SAPShortcut\Security
doesn't work any more. Is there an alternative possibility to save passwords?

Thanks.
Frank

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

5 Answers

  • Sep 15, 2017 at 09:43 AM

    Sorry, but this is most definitely not a good idea.

    the passwords are saved in plain-text and this is a definite security risk.


    See note

    146173 - SAPShortcut: Saving password in SAPShortcut - not recommended

    Regards,

    Jude

    Add comment
    10|10000 characters needed characters exceeded

  • Sep 15, 2017 at 10:25 AM

    Ok. Then it would be good if in future there would be a secure possibility to a save passwords within Saplogon 7.50 (without using SSO). Meanwhile I keep using 7.40.

    Regards,

    Frank

    Add comment
    10|10000 characters needed characters exceeded

  • Jan 04 at 03:11 PM

    It is sad to see that SAP has not embraced keychains etc. to solve this problem, instead promoting insecurity via password fatigue.

    https://en.wikipedia.org/wiki/Password_fatigue

    On Mac there is the keychain, and in windows there is similar ways to encrypt passwords using the user's system logon password.

    Also most of my filesystems are full-disk encrypted.

    I'm sure there are ways to have done this securely...

    Add comment
    10|10000 characters needed characters exceeded

  • Mar 09 at 12:47 PM

    Great! Thanks Nelis!

    Add comment
    10|10000 characters needed characters exceeded

  • Mar 09 at 12:33 PM

    It would be great if SAP allowed you to store passwords in the SAP Logon Pad, encrypted of course. Then simply give the option to provide a single password to access all your connection entries(like a password manager).

    For now though I just use the freely available KeePass - create separate entries for all my SAP systems adding the username and password in the fields provided and then use the following example string in the URL field:

    cmd://sapshcut -max -guiparm="hostname.com 00" -system=DEV -client=001 -user={USERNAME} -pw={PASSWORD}
    

    When you click on the entry for your SAP system it executes the above string replacing username and password placeholders with your credentials automatically. This information is all encrypted of course and accessible with a single master password. Saves me having to enter my password each time.

    Add comment
    10|10000 characters needed characters exceeded