Skip to Content

Password Policy

Hello community,
I want to implement SAP Password policy on our SAP R/3 system. But I have a few questions:

  • The password policies are only valid for dialog users - System, service and communication user types are excluded?
  • What happens to the current user credentials when we enable these policies? Are these immediately blocked or will the user prompted to Change the Password?
  • What happens when the password expires. Is the user still able to chance the password or is it necessary that i must be set a new one?
  • Is there a password notification or a reminder that the password will be expire?
  • Thanks in advance.

    Kind regards


    Add comment
    10|10000 characters needed characters exceeded

    • Get RSS Feed

    2 Answers

    • Nov 07, 2017 at 07:54 PM

      Dear Wolfgang,

      password only expires for dialog and communication users. Any policy that you set will also affect the communication users. Once set, the system will check during log on and force a user to change the password. Therefore, check parameter login/password_compliance_to_current_policy and set it to 1 to force the change of the password. Once expired, the user has to change the password in order to log on. The "old" password will still work but must be changed.

      There is not advanced notification that a password is about to expire. You'll need to write your own ABAP to send emails, etc. As a hint, report RSUSR200 will tell you if a password has expired, is initial, etc.

      Hope this helps.

      Regards, Alessandro

      Add comment
      10|10000 characters needed characters exceeded

    • Nov 10, 2017 at 11:47 AM

      Dear Alessandro,

      Thank you very much for your answer :-)

      Is it possible to change the user type from communication to service without having problems? Or how else could I solve the password exclusion for communication user?

      Thanks, regards


      Add comment
      10|10000 characters needed characters exceeded