Show TOC Start of Content Area

Background documentation Password Storage and Transport  Locate the document in its SAP Library structure

Storage

By using a one-way hash routine, the system converts a user's plain-text password to a corresponding hash value that is stored in the database.

Recommendation

Although the "one-way" hash routine makes it nearly impossible to compute the original plain-text password from the hash value, you should restrict access to the table USR02 where the hash values are stored. For more information, see SAP note 1237762.

Transport

How the password is protected during transport depends on the front end component used:

·        SAP GUI for Windows

For the transport between the SAP GUI for Windows and the application server, the data is compressed.

Note

For increased security, you can use Secure Network Communications (SNC). With SNC, you eliminate the need to send the password over the network altogether.

·        Web frontend

When using a Web frontend (for example, SAP GUI for HTML or WebReporting), you can have the information transfer encrypted by using the Secure Sockets Layer (SSL) protocol.

See also:

Transport Layer Security

 

 

 

 

End of Content Area