-
To make the parameters globally
effective in an SAP System (system
profile parameters), set them in the
default system profile .
However, to
make them instance-specific, you must set them in
the profiles
of each application server
in your SAP System.
To display the
documentation for one of the parameters, choose
Tools
CCMS
Configuration
Profile
Maintenance
(transaction RZ10), specify
the parameter name
and choose
Display.
On the following
screen, choose the
Documentation
pushbutton.
Password Checks
Parameter
login/min_password_lng
Description
Defines the
minimum length of the password.
Default value: 3; permissible values: 3
–
40
Until SAP
NetWeaver 6.40 (inclusive), up to 8
characters.
login/min_password_digits
Defines the minimum number of digits
(0-9) in
passwords.
Default
value: 0; permissible values: 0
–
40
Available as
of SAP Web AS 6.10 (Until SAP
NetWeaver
6.40 (inclusive), up to 8 characters.)
login/min_password_letters
Defines the minimum number of letters
(A-Z) in
passwords.
Default value:
0; permissible values: 0
–
40
Available as of SAP Web AS 6.10
(Until SAP
NetWeaver 6.40 (inclusive),
up to 8 characters.)
login/min_password_specials
Defines the minimum number of special
characters in the password Permissible
special
characters are, in particular,
!
$$%&/()=?'`*+~#-_.,;:{[]}<>| and space
After SAP NetWeaver 6.40,
all characters that
are not letters or
digits are regarded as special
characters.
Default value:
0; permissible values: 0
–
40
Available as of SAP Web AS 6.10
(Until SAP
NetWeaver 6.40 (inclusive),
up to 8 characters.)
login/password_charset
This
parameter defines the characters of which
a password can consist.
Permissible values:
?
0
(restrictive): The
password can
only consist of digits,
letters, and the
following (ASCII)
special characters
:!
$$%&/()=?'`*+~#-_.,;:{[]}<>| and space
?
1 (backward compatible, default
value): The
password can consist of any
characters
including national special
characters
(such as ?, ?, ? from ISO
Latin-1,
8859-1). However, all characters
that
are not contained in the set above
(for
value = 0) are mapped to the same
special character, and the system
therefore does not differentiate
between
them.
?
2 (not backward
compatible): The
password can consist
of any characters. It
is converted
internally into the Unicode
format
UTF-8. If your system does not
support
Unicode, you may not be able to
enter
all characters on the logon screen.
This restriction is limited by the
codepage
specified by the system
language.
With
login/password_charset = 2, passwords
are stored in a format that systems
with older
kernels cannot interpret.
You must therefore
only set the profile
parameter to the value 2
after you have ensured that all systems
involved
support the new password
coding.
Available in the standard
system as of SAP Web
AS 6.40.
login/min_password_diff
Defines the minimum number of
characters that
must be different in
the new password
compared to the old
password.
Default value: 1; permissible
values: 1
–
40
Available as of SAP Web AS 6.10 (Until
SAP
NetWeaver 6.40 (inclusive), up to 8
characters.)
login/password_expiration_time
Defines the validity period of
passwords in days.
Default value: 0;
permissible values: 0 -1000
login/password_change_for_SSO
If the user logs on with Single Sign-
On, checks
whether the user must change
his or her
password.
Available as of SAP Web AS 6.10, as of
SAP Basis
4.6 by Support Package
login/disable_password_logon
Controls the deactivation of password-
based
logon
This
means that the user can no longer log on
using a
password, but only with Single Sign-On
variants (X.509 certificate, logon
ticket). See
Logon Data Tab Page
Available as of SAP Web AS 6.10, as of
SAP Basis
4.6 by Support Package
login/password_logon_usergroup
Controls the deactivation of password-
based
logon for user groups
Available as of SAP Web AS 6.10, as of
SAP Basis
4.6 by Support Package
login/min_password_lowercase
Specifies how many characters in lower-
case
letters a password must contain.
Permissible
values: 0
–
40; default value 0
Available after SAP NetWeaver 6.40
login/min_password_uppercase
Specifies how many characters in upper-
case
letters a password must contain.
Permissible
values: 0
–
40; default value 0
Available after SAP NetWeaver 6.40
login/password_history_size
Specifies the number of passwords
(chosen by
the user, not the
administrator) that the system
stores
and that the user cannot use again.
Permissible values: 1
–
100 (unit: number of
entries);
default value 5
Available after SAP
NetWeaver 6.40
login/password_downwards_compatibility
Specifies the degree of backward
compatibility
to be achieved. The
default value is 1, where the
values
have the following meaning:
0
With
login/password_downwards_compatibility
=
0
, passwords
are stored in a format that
systems
with older kernels cannot interpret. The
system only generates new (backward
incompatible) password hash values.
1
The system also
generates backward
compatible password
hash values internally, but
does not
evaluate these for password-based
logons (to its own system). This
setting is
required, if this system is
used as the central
system of a Central
User Administration that
systems that
only support backward compatible
password hash values are also connected
to the