Skip to Content

Diesen Beitrag gibt es auch auf Deutsch.

Since the SAP Support Portal and the SAP ONE Support Launchpad became your primary access points to SAP support services, numerous applications have been migrated from the old service.sap.com infrastructure to modern systems. Only a few “niche” tools are still hosted on the legacy platform, retaining the requirement to choose a password with exactly 8 characters for them. This requirement no longer exists for the migrated applications.

Starting November 4th, 2017, you may choose a more complex, safer password. It must be at least 8 characters long – maximum length is 255 – and include three of the following: Uppercase letters, lowercase letters, numbers, symbols. The “exactly-8-characters” oddity will be a thing of the past.

Well, almost. If you happen to be one of the customers who still have to access one of the legacy tools, you must use a password that complies with the old rules, but only for these old applications.

Not for the SAP ONE Support Launchpad.
Not for the SAP Support Portal.

So why, when, and how would you come into contact with the old platform?

There are potentially two touchpoints with the service.sap.com legacy infrastructure:

First, you might enter it through your web browser (1). A few legacy applications are still referenced from the launchpad.

  • Legacy incidents, access to tickets from 2014 or before;
  • Legacy Service Messages, communication about a service that was delivered prior to mid-2017;
  • Maintain Own Clusters, Run Authorization Reports, or Mass Updates of Authorizations, special features to maintain your colleagues’ authorization profiles.

Second, you might connect to the legacy support platform through a support tool. The URL of the system you are connecting to and the logon credentials are not necessarily exposed, so this may even happen unwittingly:

  • SAP Download Manager;
  • Line Opener Program;
  • RFC from an SAP Solution Manager 7.1 or older (2).

Regardless of how you access the legacy support platform, these are your options:

  1. You don’t do anything and continue to use your current 8-character password for the old and the new platforms. Nothing will change for you.
  2. You prefer to choose a new, safer password for launchpad and portal. In this case, you will end up having two separate ones: One for the new world, one (with 8 characters) for the old support platform.

SAP Support will do their best to mitigate any negative impact: In the SAP ONE Support Launchpad, whenever a link to a legacy tool is offered, a popup window will make you aware of the fact that you are about to enter the old world:

You won’t be caught on the wrong foot when you are asked to enter your password for the legacy platform, and you can reset or change it from there.

It goes without saying that SAP is committed to finalizing the migration of remaining legacy applications to the SAP ONE Support Launchpad.


(1) If you have a single sign-on certificate installed in your browser, you don’t have to enter any ID or password.
(2) Users for Support Hub Communication in SAP Solution Manager 7.2 are not affected by the new password policy, see KBA 2174416.

To report this post you need to login first.

10 Comments

You must be Logged on to comment or reply to a post.

  1. Jörg Edinger

    Hi Peter,

    thank you for the nice and helpful article. Nice that the limitation of 8 digits ends with the 4th of November.

    2 Questions:

    • is there a limitation of digits for the new passwords? if so, how much digits are possible?
    • Is there a time horizon for the complete migration of the legacy applications?

    Thank you!

    Kind regards,

    Joerg

    (0) 
    1. Peter Kappelmann Post author

      Hello Jörg,

      The maximum password length will be 255 characters. I have added this detail to the blog.

      Regarding a time-line for the completion of the migration of legacy applications to the SAP ONE Support Launchpad: Our goal has always been to redesign tools wherever possible, not just “copy them over” to the new platform. Some of them (cluster maintenance) are complex, and replacing them by smarter alternatives is challenging. That’s why it takes a bit longer. Still, we expect to have this completed around mid-2018.

      Best regards,
      Peter

      (0) 
    1. Peter Kappelmann Post author

      Hello Steffi,

      This change only affects the SAP Support Portal and SAP ONE Support Launchpad. SAP.com and SAP Community already have a more modern password policy in place.

      Please note that once you are signed in to one of the above mentioned websites, you are also logged on to the others thanks to single sign-on. This won’t change of course.

      Best regards,
      Peter

      (0) 
      1. Steffi Warnecke

        “SAP.com and SAP Community already have a more modern password policy in place.”

        They do? I changed my password just yesterday and it was the same as ever, including “exactly 8 characters”. Or is this because I have an s-user?

        (0) 
    1. Peter Kappelmann Post author

       

      Hi Jelena,

      I like the comic.

      Yes, it may be mathematically proven that correcthorsebatterystaple is a safer password than Tr0ubAdor&3 and easier to remember. But the fact that it is safer, that’s mainly because it is longer. I am sure that if someone can remember correcthorsebatterystaple, they can also memorise correct.horse.battery.staple, thus increase the time it takes to guess this password by another significant factor. Today, with the exactly-8-character restriction, such a password cannot be chosen. Users are indeed forced to substitute “readable characters” by special symbols.

      After November 4th it will be possible to choose a longer password. Which allows visitors to use special characters in addition to normal ones, not as substitution.

      Best regards,
      Peter

      (0) 

Leave a Reply