on 01-20-2009 10:19 AM
Hi all,
I have a requirement in which i need to transfer the Internet User ID and Password from CRM to another cleint system.
my question is: can we access the current password of an internet user???? (SU01)
if yes, how???
as per my understanding, the password is stored after using a hash key algorithm which encrypts the password.
So can we decrypt that password???
please advice???
Thanks and Regards
Gaurav Raghav
Hi,
as you wrote, the password is encrypted by a hash function. By definition a hash function is not reversible, so you can not decrypt the password. When you log on, the password you enter is converted to a hash and this is compared with the stored hash, so decryption is not necesary.
If you want to transfer users to a different SAP system, you do not need to decrypt the passwords. Transfering the hash is sufficient. This works fine, when for instance users are transfered via client or system copy.
Regards, Paul
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
I do not know if there are any notes. I think there might be something in SDN about the subject. Also it should be documented somewhere that passwords are stored as a hash. have you tried help.sap.com ?
You might try telling the customer, that the whole point of storing passwords as a hash, is that they can not be decryted. I am sure there are some articles in wikipedia on the subject. This is nor an SAP specfic topic after all.
Regards Paul
Hello Gaurav,
Instead of proposing a technical solution, elaborate on your business requirement. Check if you can use single sign on etc. There are techniques other than passing user id and password.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
8 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.