SAP System Profile Parameter for SAP Security

Login System Profile paramenter for SAP Security:

Here is a set of system profile parameter required for SAP security and it will enhance the protection and we can have control over SAP login and below profile parameters are useful to implement SAP security in your landscape.

This is a 1st set of profile parameters and i will post next set of system profile paramter which is required for Basis and Security in upcoming post.

Profile parameter	Description	Default value	Recommended value
login/min_password_lng	Minimum password length for user password	3	3
login/password_expiration_time	Number of days between forced password change	0	90
Login/fails_to_session_end	Number of invalid logon attempts allowed before the SAP GUI is disconnected	3	3
Login/fails_to_user_lock	Number of invalid logon attempts within a day before the user id is automatically locked by the system	12	5
rdisp/gui_auto_logout	Time, in seconds, that SAPGUI is automatically disconnected because of in-activity	0	30
Auth/test_mode	Switch to report RSUSR400 for authority check	N	N
Auth/system_access_check_off	Switch off automatic authority check	N	N
Auth/no_check_in_some_cases	Special authorization checks turned off by customer	N	Y
Login/ext_security	Security access controlled by external software	N	N
Auth/rfc_authority_check	Permission for remote function calls from within ABAP programs	0	1
Login/failed_user_auto_unlock	Disable system function for automatic unlock of users at midnight	0	1
Login/no_automatic_user_sapstar	Disable ability to logon as SAP* with PASS of password when SAP* deleted	0	1
Auth/no_check_on_tcode	Disable check of S_TCODE on non-basis transactions	N	N
Auth/auth_number_in_userbuffer	Number of authorizations allowed in the user buffer	800	1000
Auth/authorization_trace	Every trace will be logged once in table USOBX	N	N
Auth/check_value_write_on	Write value for SU53 security checking/authorization failure	Y	Y

 Hope this document is helpful to you.