Managing the Password Policy

Objective

After completing this lesson, you will be able to configure the Password Policy settings in SAP Fieldglass.

Password Policy

The Password Policy allows organizations to define the rules for how users must create passwords for accessing SAP Fieldglass. It is a universal default Password Policy that administrators can further define to meet their company's requirements.

These rules can determine such things as the minimum length of passwords, the maximum number of login attempts, the length of time required before a password must be changed, and the types of characters that should be used.

Password policies are set at the tenant level and are relevant to all SAP Fieldglass users.

If an organization uses Single Sign On (SSO) and requires that users log in through a company portal, a password policy does not need to be established in SAP Fieldglass.

Image depicting the possible attributes of an SAP Fieldglass password, including a capital letter, a lowercase letter, a special character, and a number.

Navigating the Password Policy Admin Object

The User section of the admin menu, with the Password Policy selection highlighted.
1. To review the password policy settings, select Password Policy from the User section of the admin menu.

Password Policy Details Page

Password Policy Details page showing the Details section indicating such settings as minimum length, number of days until the password expires, the types of characters the password must contain, and what the password cannot contain, among other settings. The page also contains a section indicating special settings for Mobile Applications, which refer specifically to PIN settings. The Edit button of the page is emphasized.
2. To edit the password policy settings, select the Edit button.

Editing the Password Policy Settings

Top portion of the Edit Password Settings page, with the user lockout, number of retained passwords, and maximum consecutive identical characters fields highlighted.
3. User Lockout indicates whether or not a disabled user account must be reset by an authorized user. If No is selected, disabled accounts will be automatically reset after 10 minutes.
4. Number of retained passwords determines the number of new passwords that must be created before an old password can be reused.
5. Maximum consecutive identical characters indicates the maximum number of consecutive identical characters that passwords can contain.
Middle portion of the Edit Password Settings page, with the Maximum characters, minimum password age, prohibited passwords, password must contain, password cannot contain, and additional regex patterns fields highlighted.
6. Maximum characters in Sequential order indicates the maximum number of sequential characters (for example, abcd or 1234) that passwords can contain.
7. Minimum password age is the minimum number of minutes that a password must be used before the user can change it.
8. Prohibited Passwords lists any passwords that are not allowed. Entries in this field cannot exceed 16 characters each, and individual passwords must be separated by commas. Up to 200 characters are allowed for the entire set of entries in this field.
9. Password must contain indicates whether specific types of characters must be used in a password. For example, special characters such as underscores, periods, and exclamation points can increase the strength of a password; selecting that option means that special characters must be used in a password.
10. Password cannot contain prevents users from creating passwords that have common characteristics that tend to diminish the strength of a password, such as including a username or email address.
11. Additional regex patterns allows organizations to use regular expression patterns that passwords must satisfy. Those patterns can be entered here.
Bottom portion of the Edit Password Settings page with the mobile applications section and the update button highlighted.
12. Separate password policies must be set for mobile SAP Fieldglass applications. These settings are listed in the Mobile Applications section.
13. The password settings for mobile applications involve determining how a PIN, or Personal Identification Number, can be configured for easy access.
14. When all changes to the password policy have been made, select the Update button.
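
To make the interaction of these settings concrete, the following added example (not SAP Fieldglass code) checks a candidate password against a policy shaped like the fields above and enforces the stated limits on the Prohibited Passwords field. The function names, the dictionary keys, the sample values, and the interpretation of "sequential" as ascending runs compared case-insensitively are assumptions.

```python
import re

def parse_prohibited(field):
    """Validate the Prohibited Passwords field: comma-separated entries,
    each at most 16 characters, at most 200 characters for the whole field."""
    if len(field) > 200:
        raise ValueError("field exceeds 200 characters")
    entries = [e.strip() for e in field.split(",") if e.strip()]
    too_long = [e for e in entries if len(e) > 16]
    if too_long:
        raise ValueError(f"entries longer than 16 characters: {too_long}")
    return {e.lower() for e in entries}

def longest_run(password, step):
    """Longest run in which each character is the previous one plus `step`
    (step=0: identical characters; step=1: ascending, such as abcd or 1234)."""
    best = run = 1 if password else 0
    for prev, cur in zip(password, password[1:]):
        run = run + 1 if ord(cur) - ord(prev) == step else 1
        best = max(best, run)
    return best

def check_password(password, policy, username, email):
    """Return the names of the rules the candidate violates (empty = accepted)."""
    failures = []
    lowered = password.lower()
    if len(password) < policy["min_length"]:
        failures.append("min_length")
    if longest_run(password, 0) > policy["max_identical"]:
        failures.append("max_identical")
    if longest_run(lowered, 1) > policy["max_sequential"]:
        failures.append("max_sequential")
    if lowered in policy["prohibited"]:
        failures.append("prohibited")
    if any(v and v.lower() in lowered for v in (username, email)):
        failures.append("contains_identity")
    if not all(re.search(p, password) for p in policy["regex_patterns"]):
        failures.append("regex_patterns")
    return failures

# Constructed sample policy; the values are illustrative, not SAP defaults.
POLICY = {
    "min_length": 10, "max_identical": 2, "max_sequential": 3,
    "prohibited": parse_prohibited("Password123!, Welcome2024!, Fieldglass1!"),
    "regex_patterns": [r"[A-Z]", r"[a-z]", r"\d", r"[_.!]"],
}
```

Running the policy's own regex patterns and prohibited list through a check like this before selecting Update shows which rules overlap and whether any combination rejects every reasonable password.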

Summary

The Password Policy in SAP Fieldglass enables organizations to define the rules for creating passwords. Administrators can customize these policies to meet their company's security requirements. Key attributes include password length, character types, and password expiration rules. These policies apply to all users unless Single Sign On (SSO) is used, in which case no specific policy is needed in SAP Fieldglass.

Key Points:

  • Customization: Administrators can define rules for password creation to meet organizational needs.
  • Universal Application: Policies apply to all SAP Fieldglass users at the tenant level.
  • SSO Exemption: A password policy is unnecessary if SSO is used through a company portal.
  • Editability: Password policies can be edited through the Admin menu under User > Password Policy.
  • Security Measures: Rules include user lockout, password retention, character restrictions, and regex patterns.