University of Leeds

IT

SAP Communication and Support

Procedure for Forgotten SAP Passwords

View pages in this section

1. How your SAP password is allocated.

The SAP system automatically creates an eight character randomly generated password when a new user is created. You will be informed of your username and password in writing. This information is not given out over the telephone or via email. Passwords are assigned in two areas of the system: the Production (PRD) or live system, and the QAS system (used for training and practice purposes). You receive the same username for each system, but a different initial password.

2. Keeping your password secure.

On accessing the SAP system for the first time, you are prompted to change the initial password allocated to you to a password of your choice. This can be a mixture of letters and numbers between six and eight characters. It is strongly recommended that you choose a password that can be easily remembered but is not obvious to others. Choosing a good password is very important, to protect you and the system you are using. Remember that if anyone breaks into your account you could not only lose data, but will also find it difficult to prove that any misuse of your account wasn't committed by you. To ensure that your password remains secure:
  • Never store a password on a computer unless it is securely encrypted.
  • Do not send it by an insecure method such as unencrypted email.
  • Do not tell anyone your password.
  • If you have to write your password down, make sure you keep the paper secure.

In the interests of security, passwords are valid in the PRD system for 40 days before the system prompts you to change your password. In the QAS system, passwords are valid indefinitely. You will not be prompted to change your password.

As a user of the SAP system you have access to data which is confidential to the University. It is a breach of University regulations to disclose your username and password to any third party, or to allow any third party to operate the SAP system under your username. Contravention of these regulations may result in suspension of access to the SAP system. Any misuse of information could lead to disciplinary action.


3. What to do if you forget your password.


It is possible to enter a password incorrectly into the PRD or QAS system up to six times before your user account is locked and access to the system is denied. In the event that you forget your password or are locked out of the system, you should:

  • Go along with the your Staff ID card, to the ISS Help Desk (located on level 10 of the Edward Boyle Library, just off Red Route). It is advisable to contact the Help Desk in advance to ensure that a member of staff is available to process the password change (contact ext. 33333).
  • Temporary staff without a Staff ID card should present an appropriate form of identification to the Help Desk.
  • The Help Desk will verify your identity and require you to complete a form. They will then pass the form to the ISS User Administration Team who will normally issue a new password immediately.
  • The new password will be noted on the tear-off section of the form and given back to you.

Staff located at the main Bretton Hall campus should:

  • Go with your staff ID card, to the ISS Help Desk above the Learning Centre on the Bretton campus.
  • ISS Help Desk staff will verify your identity and require you to fill in a form. They will then fax the form to the ISS User Administration Team at the Leeds campus.
  • User Administration will change the password and contact you directly via telephone to inform you of the new password.

Staff located at City site, Wakefield (formerly Manygates) should:

  • Contact your IT User Representative (usually based on the main Leeds campus. List available from ISS User Administration) to inform them that you have forgotten your password. Please state your SAP username.
  • The User Representative will contact the ISS User Administration Team either by phone or email.
  • The User Administration Team will complete the Password Change Request form and contact you directly via telephone to inform you of the new password.

4. Reasons for password security.The above procedure is designed to ensure that the person requesting the change of password is actually the authorised user.

The password is a key element in the security process to ensure that users are restricted to those parts of the system for which they are authorised. Any breaches of security may result in:

  • Fraud, e.g. raising purchase orders, creating goods receipt notes and paying fictitious suppliers.
  • Users having access to information which relates to other departments.
  • Users being able to see confidential vendors, cost centres, profit centres and GL accounts.
  • Users being able to see staff personal data - salaries, addresses, tax details, etc.
  • Users being able to see Professorial and Grade 6 salaries.
  • Users being able to change configuration.
  • Users being able to change security profiles.

SAP security and authorisation procedures are subject to audit and are reviewed on a regular basis.

Contact us

Telephone: + 44 (0) 113 343 3333

Send your feedback or find key contact details.