Most of the Password rules can be set using profile parameters.
We can also prohibit users from choosing passwords that you do not want to allow like company name etc.
1) If you want to prohibit the use of a password, enter it in table USR40. From SM30 tcode maintain the table USR40. In USR40, you can specify impermissible passwords.
1) If you want to prohibit the use of a password, enter it in table USR40. From SM30 tcode maintain the table USR40. In USR40, you can specify impermissible passwords.
There are two wildcard characters(* and ?):
• ? stands for a single character
• * stands for a sequence of any combination characters of any length. For example,
• 123* in table USR40 prohibits any password that begins with the sequence "123."
• *123* prohibits any password that contains the sequence "123."
• AB? prohibits all passwords that begin with "AB" and have one additional character: "ABA", "ABB", "ABC" and so on.
Note: SAP default value is that all passwords, except PASS and SAP* are allowed.
2) Apart from this following settings are predefined by SAP.
• The password cannot be more than 40 characters long Until SAP NetWeaver 6.40 (inclusive), passwords could not be more than 8 characters long.
• The first character may not be an exclamation point (!) or a question mark (?).
• The first three characters cannot all be the same.
• The password can only be changed after the old password has been entered correctly. Up to SAP Web AS 6.10, the user can only change the password during the logon procedure. As of SAP Web AS 6.20, the user can also change the password by transaction SU3.
• ? stands for a single character
• * stands for a sequence of any combination characters of any length. For example,
• 123* in table USR40 prohibits any password that begins with the sequence "123."
• *123* prohibits any password that contains the sequence "123."
• AB? prohibits all passwords that begin with "AB" and have one additional character: "ABA", "ABB", "ABC" and so on.
Note: SAP default value is that all passwords, except PASS and SAP* are allowed.
2) Apart from this following settings are predefined by SAP.
• The password cannot be more than 40 characters long Until SAP NetWeaver 6.40 (inclusive), passwords could not be more than 8 characters long.
• The first character may not be an exclamation point (!) or a question mark (?).
• The first three characters cannot all be the same.
• The password can only be changed after the old password has been entered correctly. Up to SAP Web AS 6.10, the user can only change the password during the logon procedure. As of SAP Web AS 6.20, the user can also change the password by transaction SU3.
