Close

HAVE QUESTIONS?

Contact us today.

Subscribe me to your mailing list

SAP Application Server Security essentials: default passwords

SAP

One of the easiest and most common ways to hack SAP system is to make the connection with the use of default passwords. Some of them are well-known and some are not (for example TMSADM). All the users who have default passwords are very powerful.

So if you think that you are a great GRC expert and seek to secure your SAP environment to solve 5-dimensional cross-system SoD conflicts, there is something you must do right now – change these passwords:

SAP*:06071992 or PASS clients: 000 001 066 and custom
DDIC:19920706 clients: 000 001 066 and custom
SAPCPIC:ADMIN clients: 000 001 and custom
EARLYWATCH:support clients: 066
TMSADM:password clients: 000 001

P.S. If you think that this is a well-known issue and everybody has already changed it, you are mistaken. Every time at all security assessments I come across at least one system with those passwords.

Do you want more?

Subscribe me to your mailing list