Modifying System Access Settings

Objectives

After completing this lesson, you will be able to:

  • Modify password and login policy settings.
  • Manage Login Accounts.

Adjust Password Policy Settings

Administrators have the ability to customize the login, help, and login help UI for their instance. To make changes to the Login settings, select Company Settings → Password & Login Policy Settings.

Forgotten Password Policy Settings

Enable the forgot password feature and select the option for resetting the user's password without admin intervention. By enabling this feature, users will be able to reset their password by:

  • Receiving a link to reset their password via the e-mail associated with their login ID. Additionally, you may permit users to provide an e-mail to send the password link to.

  • Resetting the password by answering security questions prior to providing a link to reset their password via the e-mail associated with their login.

  • Resetting the password by answering security questions prior to providing a link to reset their password. This option redirects users to the security question page to reset their password after answering the security questions correctly.

To create security questions for the user to respond to, select the Manage security questions link.

Other options to adjust password policy settings

With option 1 Set Welcome Password and Reset Password link expiration (in days) Expiration can be up to 30 days, please enter a value between 1 and 30. Changing this setting will affect all links that have yet to expire.

With option 2 Password Expiration for Long-Time Unused Passwords (in years) This option is to expire passwords that have not been used to log in to the system longer than the number of years that you select from the dropdown. To disable this option, choose N/A.

With option 3 Enable CAPTCHA for the Forgot Password page Specify how many consecutive attempts of sending resetting password emails from the Forgot Password page are allowed within one minute before the system prompts a CAPTCHA. Select a number from the dropdown. To disable this option, choose N/A.

Reset passwords

As an administrator, it is likely that resetting passwords will be part of your role. There are three types of password resets available in SAP SuccessFactors:

  1. Reset individual user password (with supplied password): To reset one user's password to a specific new one.
  2. Reset individual user password: To reset one user's password to a system-generated one.
  3. Reset group of users passwords: To reset passwords for a specific group of users to system-generated passwords at once. The number of users selected in the group will be displayed.

Users receive system e-mail notifications once their passwords are reset. When users log into the system, a Password Change window pops up, requiring users to update their passwords. If security questions have been enabled in the instance, then users will be prompted to choose security questions before they enter the new password.

Note

On the Reset individual user password (with supplied password) page and Reset individual user password page, the Login Method column is available. When resetting passwords for a group of users, the administrators can see the count of PWD users and SSO users who are impacted. When resetting passwords for SSO users, a message indicates that the passwords only impact Basic-Authentication and token-based SSO.

Reset locked user accounts

Resetting user accounts is only applicable if your company allows users a specific number of unsuccessful login attempts before locking their account. The system automatically locks the user account when the user exceeds the number of allowable unsuccessful login attempts.

This means that once the account is locked, the user will not be able to log in again until an administrator resets the account. When you reset an account, you're only reactivating the account so that the user can login again; no other changes are made.

As an administrator, you can easily and quickly reset locked user accounts.

  1. From the Admin Center, select Reset User Account.

  2. You will be directed to a page in which you can filter employees by division, department, group, or location, or simply enter their name or job code. Enter search criteria and select Search Users.

  3. The system generates a list of users that match your criteria. A locked out user is displayed on the list with a red X in the Status column.

  4. Choose the users that you would like to reset by selecting the checkbox next to their name.

  5. Select Reset Selected Users to reset and unlock their user accounts.

Control the login features and assistance available

The Manage security questions… link on the Password & Login Policy Settings page provides a library of the security questions and settings to make available to users to reset their password.

Using this page, administrators can do the following:

  • Select how many questions the user must answer correctly before they are able to reset their password.

  • Select from a list of pre-populated System Security Questions and language.

  • Select Add New Question to create your own security questions.

Forgotten Username Policy Settings

Enable the forgot username feature to allow users to retrieve their username via the e-mail associated with their log in.

You can set expiration of password links in welcome emails.

Manage Login Accounts

A login account stores the information that can be used for authenticating users when they log into a system. It includes information such as login name, login method, and login locale. A person can have multiple users but only one login account.

Login accounts are managed by using the Manage Login Accounts tool.

As an administrator, you can:

  • view employees' login account information.
  • change an employee's login account when the employee has more than one users.
  • notify employees of their login account information or changes to their login accounts.
  • update details of a login account.

Password and Login Policy Settings, Reset Passwords and Reset User Account

Business Example

Company administrators need to know how to modify Password & Login Policy Settings as outlined in the Managing User Information guide on the SAP Help Portal. This can speed up testing and development cycles in development and training environments even if these settings are not used in production environments. Company administrators also need to be able to reset user passwords to test changes made in Password & Login Policy Settings.

Note

If you are performing exercises using a system provided via Learning System Access, please do not perform the Modify Password Settings portion of this exercise. Doing so will force a reset of all user passwords including the admin user and this will disrupt access to your Learning System.

Task 1: Attempt to Reset User Passwords

Steps

  1. Use Reset User Passwords to attempt to reset the password for Alex Anderson to Password1. Confirm that this password does not meet password policy requirements.

    1. Use Action Search to navigate to Reset User Passwords.

    2. If not already selected, select the option Reset individual user password (with supplied password).

    3. In the First Name field enterAlexand wait for the option of Alex Anderson to appear in yellow. Select that option and confirm all 4 fields are populated with Alex’s data. Or you can typeA in the First Name field and click Search Users to get the same result.

    4. In the results table, select the radio button in the row for Alex Anderson.

    5. In the New Password field type Password1 and in the Confirm Password field type the same.

    6. Click Reset User Password.

    7. Confirm you get the following message in red: Password entered does not meet the password policy requirements or does not match the confirm password. Please try again.

Task 2: Modify Password Settings

Steps

  1. Modify Settings in Password & Login Policy Settings Disable Minimum and Maximum Password Ages. Disable Maximum Successive Failed Login Attempts.

    1. Use Action Search to navigate to Password & Login Policy Settings.

    2. Change Minimum Password Age to -1.

    3. Change Maximum Password Age to -1.

    4. Change Maximum Successive Failed Login Attempts to 1.

    5. Change Enable password history policy to 2.

    6. Scroll to the bottom of the page and clickSet Password & Login Policy.

    7. Confirm you get the following message in green near the top of the page:Password & Login Policy Saved.

Task 3: Try again to Reset User Passwords

Steps

  1. Use Reset User Passwords to reset the password for Alex Anderson to Password 1.

    1. Use Action Search to navigate to Reset User Passwords.

    2. If not already selected, select the option Reset individual user password (with supplied password).

    3. In theFirst Name field enter Alex and wait for the option of Alex Anderson to appear in yellow. Select that option and confirm all 4 fields are populated with Alex’s data. Or you can type A in the First Name field and click Search Users to get the same result.

    4. In the results table, select the radio button in the row for Alex Anderson.

    5. In the New Password field type Password1 and in the Confirm Password field type the same.

    6. ClickReset User Password.

    7. Confirm you get the following message in green: The number of users whose passwords have been reset is 1.

    8. If you get the same error message from Task 1, repeat the process and use Password2. Continue this process with successive passwords (Password3, Password4, etc.) until you are able to reset the password successfully. After the first successful reset, use the next successive password to reset your password for the second time. After the second successful reset, reset your password back to Password1.

    9. If the previous step fails, repeat Task 2 and then repeat Task 3

Task 4: Test the change and confirm

Steps

  1. Test the change and confirm that Alex is asked to change the password on initial login.

    1. Select the name menu in the upper right corner of the page and select Log Out.

    2. Re-login with the Username aaaa and Password Password1.

    3. When prompted to change your password enter Password2.

    4. Select the name menu in the upper right corner of the page and selectLog Out.

Result

You now know how to configure Password and Login Policy Settings and how to reset a user password.

Log in to track your progress & complete quizzes