Skip to Content

Password Policy

Oct 25, 2017 at 10:10 AM


avatar image

Hello community,
I want to implement SAP Password policy on our SAP R/3 system. But I have a few questions:

  • The password policies are only valid for dialog users - System, service and communication user types are excluded?
  • What happens to the current user credentials when we enable these policies? Are these immediately blocked or will the user prompted to Change the Password?
  • What happens when the password expires. Is the user still able to chance the password or is it necessary that i must be set a new one?
  • Is there a password notification or a reminder that the password will be expire?
  • Thanks in advance.

    Kind regards


    10 |10000 characters needed characters left characters exceeded

    Hi Wolfgang,

    You used SAP Business One as a primary tag of your question, but as you mentioned, you talking about SAP R/3. I would like to suggest you to change for a tag related with your product for you get more answers.

    Kind Regards,

    Diego Lother


    Hi Diego,

    Thanks for the Info - I'm a Newbie.

    Kind Regards


    * Please Login or Register to Answer, Follow or Comment.

    2 Answers

    Alessandro Banzer
    Nov 07, 2017 at 07:54 PM

    Dear Wolfgang,

    password only expires for dialog and communication users. Any policy that you set will also affect the communication users. Once set, the system will check during log on and force a user to change the password. Therefore, check parameter login/password_compliance_to_current_policy and set it to 1 to force the change of the password. Once expired, the user has to change the password in order to log on. The "old" password will still work but must be changed.

    There is not advanced notification that a password is about to expire. You'll need to write your own ABAP to send emails, etc. As a hint, report RSUSR200 will tell you if a password has expired, is initial, etc.

    Hope this helps.

    Regards, Alessandro

    10 |10000 characters needed characters left characters exceeded
    Wolfgang Naderer Nov 10, 2017 at 11:47 AM

    Dear Alessandro,

    Thank you very much for your answer :-)

    Is it possible to change the user type from communication to service without having problems? Or how else could I solve the password exclusion for communication user?

    Thanks, regards


    10 |10000 characters needed characters left characters exceeded