SAP Knowledge Base Article - Public

2588887 - Password expiration or Maximum Password Age are not working - SuccessFactors Platform

Symptom

  • Password & Login Policy settings are configured to prompt users to reset their passwords, but users are not being prompted
  • User passwords are not expiring even after setting the Maximum Password Age
  • Users are not being prompted for password reset when expected

Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.

Environment

SAP SuccessFactors HXM Suite

Reproducing the Issue

  1. On "Password & Login Policy Settings", a value is set to prompt users to reset their password after some period (for example, 60 days).

    Password Policy (1).png

  2. After the period set (for example, 61 days), users are not prompted for password reset and their passwords keep working normally.

Cause

There are two potential causes for this:

  1. "Hide the Personal Password Tab from users" is enabled and preventing users from being prompted to reset their password;
  2. The instance has Single Sign-On enabled, or the instance used to have Single Sign-On enabled and "Partial Organization Single Sign-On" option is still enabled in Provisioning.

Resolution

  1. If your instance has Single Sign-On enabled, it is an expected behavior that user passwords do not expire.

  2. If you used to have Single Sign-On enabled, please have your implementation partner make sure that option "Partial Organization Single Sign-On" is disabled in Provisioning.
    If that option is enabled, even after SSO has been disabled, users with loginMethod set to "SSO" or NULL will not have their password expired.
    If you do not have an implementation partner, please report an incident for Cloud Product Support to disable that feature for you.

  3. To disable or check if option "Hide the Personal Password Tab from users" is enabled, please follow the steps below:

    a) Go to "Admin Center" > "Company System and Logo Settings"
    b) If checked, un-check the checkbox named "Hide the Personal Password Tab from users" (as shown in the screenshot below)
    c) Click "Save"

Hide the Personal Password Tab from users (1).png

Keywords

password and login policy, password policy, passwords, password expiration, password age, password maximum age, SSO, single sign-on, PWD, Partial Single Sign-On, partial SSO, login method, loginmethod, PLA-6035 , KBA , LOD-SF-PLT , Platform Foundational Capabilities , LOD-SF-PLT-PWD , Password Policy Settings & Reset Password , Problem

Product

SAP SuccessFactors HXM Suite all versions