Skip to Content
Technical Articles
Author's profile photo Ning Tong

HANA SYSTEM user can be locked for too many failed logon attempts (starting with Rev.102)

Today, I face a problem regarding to invalid username and password for DB system user whereas the password was never changed or forgot (not sure if somebody has input a wrong password several times before).

Background Information: Our HANA version: SPS 10 Rev.102.02

As I check with SAP HANA Administration Guide of SPS 10, it mentions that the SYSTEM user will not be locked regardless of the number of failed logon attempts in Number of Allowed Failed Logon Attempts. However, the user information page shows a warning like that the system user with status: suspicious Too many invalid connect attempts.

At that time, I had no idea about how to fix this situation but to try ALTER USER SYSTEM RESET CONNECT ATTEMPTS. The warning information of system user disappears and I successfully logon the system with the known password of user SYSTEM 😕 .

I take sometimes to search note regarding to the password of user SYSTEM, then get the following note  2251556 – SAP HANA SYSTEM user can now be locked for too many failed logon attempts and 2216869 – Security improvement of HANA authentication

Starting from SAP HANA Revision 102, the SYSTEM user can be locked if logon attempts fail for too many times, just like the other database users. 😥


1. ALTER USER SYSTEM RESET CONNECT ATTEMPTS (create a backup user with the “USER ADMIN” system privilege before)

2. Set parameter password_lock_for_system_user to false (Not recommended)

Hopes this blog will help to fix this kind of password problem.


Ning Tong

Assigned Tags

      You must be Logged on to comment or reply to a post.
      Author's profile photo MUTHU KUMARAN

      Hi  Ning Tong,

      Thanks for the nice blog.

      I have another user which doesn't have user admin privilege.

      My SYSTEM user is locked now, I didn't set the parameter to false.

      Can you give any suggestions on this scenario?

      Thanks & Regards,


      Author's profile photo Ning Tong
      Ning Tong
      Blog Post Author

      Please temporarily change parameter password_lock_for_system_user” value as “false” using another user with proper authorization.

      Author's profile photo Devender Bhatt
      Devender Bhatt

      Run the file and then execute the command hdbnameserver -resetUserSystem


      Author's profile photo SAP Basis Support
      SAP Basis Support

      my senario is this is a tenant DB. i have access to master DB. is it possible to unlock system user of tenant db using the master db system user?

      Author's profile photo Ning Tong
      Ning Tong
      Blog Post Author

      Two possible methods:

      1. login to the TENANT database with other user ID which having the USER ADMIN privilege. Go to Security > Users > change the password.

      2. Reset the SYSTEM User Password of a Tenant Database as per Note 2274157 – How to Reset System User Password for Tenant Database – SAP HANA

      Author's profile photo Luis Benavides Andrade
      Luis Benavides Andrade

      Dear Tong,


      Many thanks for sharing your knowledge, was very helpful for me and save me time to solve it.

      I very grateful 🙂


      Luis Benavides Andrade

      Author's profile photo Gabriela Lopez Leon
      Gabriela Lopez Leon

      Hello hope everyone is fine


      after using

      the count never goes down nor change...
      for example before running the reset the user has 1308 invalid attempts, after running the RESET CONNECT ATTEMPTS, it keeps with 1308 
      Kind Regards