SAP R/3 Security

Simple changes can rise your system security. Usage of SAProuter is a good choice when correctly implemented. Login through SAP LogonPad (from version 3.0f onwards) improve the access control. SAP profile parameters shall also contain:

  • Rdisp/gui_auto_logout = 1800
    The user connection is closed after 30 minutes without usage.
  • Login/fails_to_session_end = 3
    After 3 wrong password the connection is automaticly closed.
  • Login/fails_to_users_lock = 5
    After 5 wrong password the user is locked.
  • Login/min_password_lng = 6
    Password length at least 6 characters.
  • Login/password_expiration_time = 90
    Password expires after 3 months.
Note: I do not have to waste my time telling you to change all default passwords.

Make sure to have the master user SAP* in all clients otherwise anyone can log into your system. See Tips & Tricks.


Popular posts from this blog

Step by step Create SAP LIS Report


Step by Step SAP Splitting Document