Skip to Content

Enforcing password blacklist policy in HANA

When creating new passwords, users are not allowed to use blacklisted words or partial words. Use SQL commands to insert or delete words or partial words from the password blacklist table.

● For inserting terms into and deleting terms from the password blacklist, you must have INSERT and DELETE privileges on either the table (_SYS_PASSWORD_BLACKLIST) or the entire _SYS_SECURITY schema.

● To view the contents of a table only, you must have the SELECT privilege.

Password_blacklist.png

The password blacklist in SAP HANA has been implemented with the table following table

_SYS_PASSWORD_BLACKLIST.

Note: This table is empty when you create a new instance.

You can add records to and delete records from the _SYS_PASSWORD_BLACKLIST table using the INSERT and DELETE SQL commands. You must specify values for all three columns described below:

Following table describes columns of the _SYS_PASSWORD_BLACKLIST table.

/wp-content/uploads/2013/05/password_black_list_222400.png

Lets see one example

In this example, the passwords “SAP”, “my_sap_pwd” and “sap_password” would not be allowed,

INSERT INTO _SYS_SECURITY._SYS_PASSWORD_BLACKLIST VALUES (‘sap’, ‘TRUE’, ‘FALSE’)


regardless of how the password layout and minimal password length are defined in the corresponding parameters.

2 Comments
You must be Logged on to comment or reply to a post.