SAP Knowledge Base Article - Public

2625180 - Forgot user functionaility is not throwing validation error with bad e-mail address


When attempting to use the forgot user function, and a bad e-mail address formatted correctly ( has a @ and a ."something") after, the screen goes to the ID assistnace screen instead of throwing a validation error. A valadation error can be created if the user puts in a bad e-mail address, such as forgetting a @, but not when a fake e-mail is entered.


SAP Learning Management System


This is working as intended. Validation errors should only be thrown if the e-mail structure is incorrect not if there is bad data in the e-mail.


This helps prevent people with malicious intent to brute force find out if a e-mail address is a valid one for the company they are trying to access.


KBA , LOD-SF-LMS-ADM , System Admin, Global Variables, References , Problem


SAP SuccessFactors HCM Core 1711