Tell us what you think

We want to create the best possible experience for our learners. Your feedback helps us to improve the experience for everyone.

Modifying System Access Settings

Objectives

After completing this lesson, you will be able to:

Modify password and login policy settings
Manage Login Accounts

Adjust Password Policy Settings

Administrators have the ability to customize the login, help, and login help UI for their instance. To make changes to the Login settings, select Company Settings → Password & Login Policy Settings.

Forgotten Password Policy Settings

Enable the forgot password feature and select the option for resetting the user's password without admin intervention. By enabling this feature, users will be able to reset their password by:

Receiving a link to reset their password via the e-mail associated with their login ID. Additionally, you may permit users to provide an e-mail to send the password link to.
Resetting the password by answering security questions prior to providing a link to reset their password via the e-mail associated with their login.
Resetting the password by answering security questions prior to providing a link to reset their password. This option redirects users to the security question page to reset their password after answering the security questions correctly.

To create security questions for the user to respond to, select the Manage security questions link.

Other options to adjust password policy settings

With option 1 Set Welcome Password and Reset Password link expiration (in days) Expiration can be up to 30 days, please enter a value between 1 and 30. Changing this setting will affect all links that have yet to expire.

With option 2 Password Expiration for Long-Time Unused Passwords (in years) This option is to expire passwords that have not been used to log in to the system longer than the number of years that you select from the dropdown. To disable this option, choose N/A.

With option 3 Enable CAPTCHA for the Forgot Password page Specify how many consecutive attempts of sending resetting password emails from the Forgot Password page are allowed within one minute before the system prompts a CAPTCHA. Select a number from the dropdown. To disable this option, choose N/A.

Reset passwords

As an administrator, it is likely that resetting passwords will be part of your role. There are three types of password resets available in SAP SuccessFactors:

Reset individual user password (with supplied password): To reset one user's password to a specific new one.
Reset individual user password: To reset one user's password to a system-generated one.
Reset group of users passwords: To reset passwords for a specific group of users to system-generated passwords at once. The number of users selected in the group will be displayed.

Users receive system e-mail notifications once their passwords are reset. When users log into the system, a Password Change window pops up, requiring users to update their passwords. If security questions have been enabled in the instance, then users will be prompted to choose security questions before they enter the new password.

Note

On the Reset individual user password (with supplied password) page and Reset individual user password page, the Login Method column is available. When resetting passwords for a group of users, the administrators can see the count of PWD users and SSO users who are impacted. When resetting passwords for SSO users, a message indicates that the passwords only impact Basic-Authentication and token-based SSO.

Reset locked user accounts

Resetting user accounts is only applicable if your company allows users a specific number of unsuccessful login attempts before locking their account. The system automatically locks the user account when the user exceeds the number of allowable unsuccessful login attempts.

This means that once the account is locked, the user will not be able to log in again until an administrator resets the account. When you reset an account, you're only reactivating the account so that the user can login again; no other changes are made.

As an administrator, you can easily and quickly reset locked user accounts.

From the Admin Center, select Reset User Account.
You will be directed to a page in which you can filter employees by division, department, group, or location, or simply enter their name or job code. Enter search criteria and select Search Users.
The system generates a list of users that match your criteria. A locked out user is displayed on the list with a red X in the Status column.
Choose the users that you would like to reset by selecting the checkbox next to their name.
Select Reset Selected Users to reset and unlock their user accounts.

Control the login features and assistance available

The Manage security questions… link on the Password & Login Policy Settings page provides a library of the security questions and settings to make available to users to reset their password.

Using this page, administrators can do the following:

Select how many questions the user must answer correctly before they are able to reset their password.
Select from a list of pre-populated System Security Questions and language.
Select Add New Question to create your own security questions.

Forgotten Username Policy Settings

Enable the forgot username feature to allow users to retrieve their username via the e-mail associated with their log in.

You can set expiration of password links in welcome emails.

Manage Login Accounts

A login account stores the information that can be used for authenticating users when they log into a system. It includes information such as login name, login method, and login locale. A person can have multiple users but only one login account.

As an administrator, you can:

view employees' login account information.
change an employee's login account when the employee has more than one users.
notify employees of their login account information or changes to their login accounts.
update details of a login account.

Next lesson