Case Study #006.01

Scenario

The login/min_password_lng parameter in the SAP system is set to '6'.

Impact

The length of a password directly impacts its vulnerability to being cracked. Therefore, for new systems, the default password length should be set to at least 10 characters, and password complexity should be enforced.

DefenceMore OCA Capabilities

Defencemore OCA's P001 control reviews all password-related parameters configured in the system and lists those that are not suitable for secure use.

Related Checks

• P001 Password Parameters Check