Skip to Content

The saving of passwords in the SAP Logon shortcut is useful. Especially when you use a lot of different systems on different sites (like me) in your SAP logon.

As from SAP Logon 7.40 patch level 1 saving of the password is disabled by default. But it can be enabled as described in Note 146173:

The note needs a little bit of explanation:

  • First a Windows registry entry needs to be created that will make it possible to enable (or disable) the saving of passwords in a SAP shortcut. The registry entry can be created by starting the program sapshcut.exe once. The program needs to be started in administrative mode.
  • After that the next registry entry is created: HKEY_CURRENT_USER\Software\SAP\SAPShortcut\Security\EnablePassword. The record can be displayed of maintained with the Windows registry editor. By starting the program regedit.exe.
  • Changing the value to 1 will allow you to store the password in (SAP Logon) shortcut.
To report this post you need to login first.

3 Comments

You must be Logged on to comment or reply to a post.

  1. Frank Koehntopp

    Let’s hope your PC is protected against other people logging in, or processes stealing your files.

    Using certificate based logon is certainly a better idea.

    (4) 
  2. Frank Krause

    Hi all,

    I would like to stress again the SAP view on the “saving passwords in SAP Shortcuts” feature.

    1) Using this feature is a security risk. In the interest of all users we strongly have to mention again that it should not be used. This holds true especially if users are not aware of the fact that an SAP Shortcut with full credentials in it can be used by anybody to log on with a foreign user account. Yes, you may say that you protect the files on your hard disk, but will all users do this (or will they even mail the shortcuts)? From SAP perspective this risk should not be ignored and therefore the administrators should NOT enable the feature.

    2) There are better and more secure alternatives to the feature available (SSO solutions); if it is just about remembering passwords there are many programs available which store passwords in a safe way.

    3) The password saving feature does not have a future anymore. With the introduction of SAP UI Landscape it has been removed and even though it is still working for saplogon.ini it is just a question of time until SAP GUI for Windows will no longer support saplogon.ini at all (before you ask: SAP GUI for Windows 7.50 will still support saplogon.ini). This feature will thus disappear.

    4) SAP UI Landscape is already in release 7.40 mandatory for the combined usage of SAP GUI for Windows and the SAP Business Client. If you turn off SAP UI Landscape you cannot run this combination which adds a lot of value for end users.

    My summary is therefore: Don’t use this feature!

    Best regards,
    Frank

    (1) 
  3. Jack Graus Post author

    User password security for SAP logon is of course something to be considered. Me myself do not feel a security issue on storing a user and a password on a computer that is a personal computer and is only in use by myself.
    SSO is fine and I agree this should be a preferred solution when you do not want to retype user password at every SAP logon. Nevertheless in my work as a SAP consultant some of my clients do not use SSO. One reason not to do so is because the availability of (Windows) SSO solutions is not as good as expected for a SAP system.

     

    Having said that 🙂

    I recently changed to SAP GUI 7.50. And as already announced it is not possible anymore to store a password in a SAP logon shortcut.
    A Windows shortcut to the SAP logon shortcut executable can be a good replacement. In the Windows shortcut it is possible to store SAP logon password and other login connection parameters. Several shortcuts to different systems can be grouped together as Windows folders and files. Or in Windows 8, 10 to pin it to a taskbar or start menu. Logging in is just a matter of clicking the shortcut.

     

     

    The shortcut target looks like:

    %ProgramFiles(x86)%\SAP\FrontEnd\SAPgui\sapshcut.exe 1.1.1.1 -user=ABCD -pw=XXXXX -system=YYY -Client=100

    Where 1.1.1.1 is the SAP system, ABCD the user, XXXXX the password, YYY the system ID and 100 the client.

     

    Regards Jack

     

     

     

    (0) 

Leave a Reply