SAP R/3 Security
Simple changes can rise your system security. Usage of SAProuter is a good choice when correctly implemented. Login through SAP LogonPad (from version 3.0f onwards) improve the access control. SAP profile parameters shall also contain:
- Rdisp/gui_auto_logout = 1800
The user connection is closed after 30 minutes without usage.
- Login/fails_to_session_end = 3
After 3 wrong password the connection is automaticly closed.
- Login/fails_to_users_lock = 5
After 5 wrong password the user is locked.
- Login/min_password_lng = 6
Password length at least 6 characters.
- Login/password_expiration_time = 90
Password expires after 3 months.
|Note:||I do not have to waste my time telling you to change all default passwords.|
|Make sure to have the master user SAP* in all clients otherwise anyone can log into your system. See Tips & Tricks.|