We are implementing SSO and Unified Solution login currently and will consider this requirement within that project. I agree that this in turn introduces a security risk so will need to be considered by the engineering team.
It is certainly a security risk. But from a customer's point of view, however, I understand this need. For example, if the customer has DQM-solution with DS, IS and ISA. Then he can put the option "password never expires" in the pure sap products. But in ISA he has to change the password again and again. I understand that this does not seem to be consistent from a customer perspective. Many customers already have a lot of logins. Therefore, I see this option as an importent thing.
We are implementing SSO and Unified Solution login currently and will consider this requirement within that project. I agree that this in turn introduces a security risk so will need to be considered by the engineering team.
Attachments Open full size
It is certainly a security risk. But from a customer's point of view, however, I understand this need. For example, if the customer has DQM-solution with DS, IS and ISA. Then he can put the option "password never expires" in the pure sap products. But in ISA he has to change the password again and again. I understand that this does not seem to be consistent from a customer perspective. Many customers already have a lot of logins. Therefore, I see this option as an importent thing.
Attachments Open full size
I disagree, this is a security risk.
Attachments Open full size