During the generation of passwords with the help of Transactions SU01 or SU10 or via API functions, you can define specifications concerning the
- maximum number of digits,
- maximum number of letters,
- maximum number of special characters
in a generated password with the help of Customizing switches (GEN_PSW_MAX_DIGITS, GEN_PSW_MAX_LETTERS, GEN_PSW_MAX_SPECIALS) in the PRGN_CUST table.
Unfortunately, these specifications are not converted reliably in all cases. By setting GEN_PSW_MAX_SPECIALS = 0, for example, you cannot in particular prevent that generated passwords contain special characters.
In addition, there is the missing option to define the length of a generated password. As of SAP NetWeaver 2004s (SAP_BASIS 7.0), the system supports passwords up to 40 characters long (see Note 862989). Consequently, the system now generates passwords with 40 characters by default.
You can use a new Customizing switch (GEN_PSW_MAX_LENGTH), to define the length of the generated passwords.
For this Customizing switch, the following also applies: the requirements specified by the password rules (here: concerning the minimum password length, see the login/min_password_lng profile parameter) are obligatory. You must not set the GEN_PSW_MAX_LENGTH Customizing switch to a value that is less than the value of the login/min_password_lng profile parameter. Otherwise the system ignores the GEN_PSW_MAX_LENGTH Customizing switch. The system then generates passwords with maximum length. In addition, the system issues an error message.
Implement the program corrections or import the respective Support Package.
Support Package SAPKB70007 only inserts the Customizing switch GEN_PSW_MAX_LENGTH.
The corrections to the other Customizing switches is only available as of Support Package SAPKB70012.
The long text of the error message 01 418 is supplemented by the specifications regarding the new Customizing switch (GEN_PSW_MAX_LENGTH) . For technical reasons, this change is only available from Support Package SAPKB70007..