You can implement custom scripts for testing and generating password if the password requirements cannot be mapped with the existing settings options. Scripts are applied in addition to the other settings.
You can implement a check script if additional policies need to be used for checking a password, which cannot be mapped with the available settings.
Public Sub CCC_CustomPwdValidate( policy As VI.DB.Passwords.PasswordPolicy, spwd As System.Security.SecureString)
With parameters:
policy = password policy object
spwd = password to test
|
TIP: To use a base object, take the property Entity of the PasswordPolicy class. |
A password cannot have '?' or '!' at the beginning. The script checks a given password for validity.
Public Sub CCC_PwdValidate( policy As VI.DB.Passwords.PasswordPolicy, spwd As System.Security.SecureString)
Dim pwd = spwd.ToInsecureArray()
If pwd.Length>0
If pwd(0)="?" Or pwd(0)="!"
Throw New Exception(#LD("Password can't start with '?' or '!'")#)
End If
End If
If pwd.Length>2
If pwd(0) = pwd(1) AndAlso pwd(1) = pwd(2)
Throw New Exception(#LD("Invalid character sequence in password")#)
End If
End If
End Sub
To use a custom script for checking a password
Select the category Manager | Basic configuration data | Password policies in the SAP R/3.
You can implement a generating script if additional policies need to be used for generating a random password, which cannot be mapped with the available settings.
Public Sub CCC_PwdGenerate( policy As VI.DB.Passwords.PasswordPolicy, spwd As System.Security.SecureString)
With parameters:
policy = password policy object
spwd = generated password
|
TIP: To use a base object, take the property Entity of the PasswordPolicy class. |
The script replaces the invalid characters '?' and '!' in random passwords.
Public Sub CCC_PwdGenerate( policy As VI.DB.Passwords.PasswordPolicy, spwd As System.Security.SecureString)
Dim pwd = spwd.ToInsecureArray()
' replace invalid characters at first position
If pwd.Length>0
If pwd(0)="?" Or pwd(0)="!"
spwd.SetAt(0, CChar("_"))
End If
End If
End Sub
To use a custom script for generating a password
Select the category Manager | Basic configuration data | Password policies in the SAP R/3.
You can add words to a list of restricted terms to prohibit them from being used in passwords.
|
NOTE: The restricted list applies globally to all password policies. |
To add a term to the restricted list
Select the category Base Data | Security Settings | Restricted passwords in the Designer.
© 2023 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy