Hello SAP lovers and experts,

I'm new to SAP BC and I have to apply some security rules to passwords, I inserted below what was asked and how I applied it. Can anyone tell me if I applied the proper rules ? I often used USR40, did I use it right ? Also, should I set the rules in the default profile or instance, what's the difference ?

• 8 characters password login/min_password_lng
• different than the user ID or his name USR40 filled with user IDs and names
• Atleast one char and letter, do not use the smae character in a row login/min_password_letters,login/min_password_digits and USR40 (*AAA*, *BBB*, *CCC*...)
• Not end or start with a letter USR40 (1*, 2*, 3*.... *1, *2, *3...)
• Different than the last 5passwords login/password_history_size.
• No personnal data like phone, birth of place ... USR40 ?
• Change every 3 month login/password_expiration_time
• Apply at next logon login/password_compliance_to_current_policy