SAP Knowledge Base Article - Public

2856530 - What is the password policy for the default SAP Cloud Identity in SAP Analytics Cloud (SAC) & SAP Digital Boardroom?


What is the password policy for the default SAP Cloud Identity in SAP Analytics Cloud (SAC) & SAP Digital Boardroom?

Some basic questions may be like below:

  • How many failed logon attempt will make the user be locked?

  • How much time will the password be expired?

  • Which kind of password is accepted? Is it needed that some special characters must be used?


Note: The 3rd party custom IDP is managed outside SAP and not belongs to the scope of this SAP Knowledge Base Article.


  • SAP Analytics Cloud
  • SAP Cloud Platform Identity Authentication Service (IAS)


SAP Analytics Cloud with the default IDP is using the STANDARD password policy in the default SAP Cloud Platform Identity Authentication service.

See below table for the policy details:

This is not a configurable option, therefore this policy cannot be changed for default IDP.

Requirement Standard
Content of password
  • Minimum length of 8 characters;
  • Maximum length of 255 characters;
  • Characters from at least three of the following groups:
    • Lower-case Latin characters (a-z);
    • Upper-case Latin characters (A-Z);
    • Base 10 digits (0-9);
    • Non-alphabetic characters (!@#$%...);
Session time limit

Indicates when the current session expires.

Yes, 12 hours
"Remember me" option

Indicates whether the browser can store a cookie with the credentials.

Forgot password deactivation period

Indicates the period during which users can initiate the number of forgot password e-mails specified by the forgot password counter.

Yes, 24 hours
Forgot password counter

Indicates how many times a user can initiate forgot password e-mails during the deactivation period. For example, a user can initiate up to 3 forgot password e-mails within 24 hours.

Yes, 3
Minimum password age

Shows the minimum lifetime of a password before it can be changed.

Maximum failed logon attempts

Indicates how many logon attempts are allowed before the user password is locked.

Yes, 5
Password locked period

Indicates how long a password is locked for.

Yes, 1 hour
Maximum password age

Shows the maximum lifetime of a password before it has to be changed.

Password history

Indicates whether a password history is retained, and how many passwords from the history are retained.

Maximum unused period

Indicates how long the system retains unused passwords for.


See Also

Your feedback is important to help us improve our knowledge base.


SAP Cloud for Planning, sc4p, c4p, cforp, cloudforplanning, Cloud for Analytics, Cloud4Analytics, CloudforAnalytics, Cloud 4 Planning, BOC, SAPBusinessObjectsCloud, BusinessObjectsCloud, BOBJcloud, BOCloud., SAC, SAP AC, Cloud-Analytics, CloudAnalytics, SAPCloudAnalytics,Error, Issue, System, Data, User, Unable, Access, Connection, Sac, Connector, Live, Acquisition, Up, Set, setup, Model, BW, Connect, Story, Tenant, Import, Failed, Using, Working, SAML, SSO , KBA , reset password sap analitycs cloud sac k , LOD-ANA-AUT , SAC Authentication / Login , How To


SAP Analytics Cloud 1.0