2022-08-16 3195045

3195045 - Modifying the login/password_expiration_time

parameter prompts DIA users to change password
Version 1 Type SAP Knowledge Base Article
Language English Master Language English
Release Status Released to Customer Category How To
Component BC-SEC-LGN (Authentication) Released On 21.04.2022

Please find the original document at https://launchpad.support.sap.com/#/notes/3195045

Symptom

SAP Security Administrator modifies the login/password_expiration_time parameter's value in tcode RZ11,
after which many users are requested (password change prompt) to change their password. It does not
necessarily affect all users.

Reproducing the Issue

Modify the login/password_expiration_time parameter's value e.g. to 90 days using tcode RZ11.

Resolution

Modifying the login/password_expiration_time parameter's value triggers a check in the USR02 table, where
the PWDCHGDATE is taken into account.

PWDCHGDATE = The date when the user modified the password last time.

Example - if the login/password_expiration_time is set to 90:

1, If 90 days (or more) have elapsed since PWDCHGDATE, the user will be prompted to change the
password.

2, Otherwise, the user will be prompted to change password only if the 90 days has elapsed after
PWDCHGDATE.

See Also

© 2022 SAP SE or an SAP affiliate company. All rights reserved 1 of 2

2022-08-16 3195045

SAP Help Portal - Profile Parameters for Logon and Password (Login Parameters)

Keywords

login/password_expiration_time, RZ11, login/password_expiration_time=90, logon, security, policy, login

parameter, USR02, table, PWDCHGDATE, password prompt, change, modification

Terms of use | Copyright | Trademark | Legal Disclosure | Privacy

© 2022 SAP SE or an SAP affiliate company. All rights reserved 2 of 2