Enforcing password blacklist policy in HANA
When creating new passwords, users are not allowed to use blacklisted words or partial words. Use SQL commands to insert or delete words or partial words from the password blacklist table.
● For inserting terms into and deleting terms from the password blacklist, you must have INSERT and DELETE privileges on either the table (_SYS_PASSWORD_BLACKLIST) or the entire _SYS_SECURITY schema.
● To view the contents of a table only, you must have the SELECT privilege.
The password blacklist in SAP HANA has been implemented with the table following table
_SYS_PASSWORD_BLACKLIST.
Note: This table is empty when you create a new instance.
You can add records to and delete records from the _SYS_PASSWORD_BLACKLIST table using the INSERT and DELETE SQL commands. You must specify values for all three columns described below:
Following table describes columns of the _SYS_PASSWORD_BLACKLIST table.
Lets see one example
In this example, the passwords “SAP”, “my_sap_pwd” and “sap_password” would not be allowed,
INSERT INTO _SYS_SECURITY._SYS_PASSWORD_BLACKLIST VALUES (‘sap’, ‘TRUE’, ‘FALSE’)
regardless of how the password layout and minimal password length are defined in the corresponding parameters.
Hi Kavshgar,
Before publishing make sure that your document or blog was not already published by others and should bring value to community.
This is already covered http://scn.sap.com/docs/DOC-41954
Regards
Raj
Hi Raj,
Sorry about that , I did search SCN and I always do that to avoid duplicate content , but couldn't find.
I will double check before publishing my future posts
Regards
Kavashgar M