Here is how to find lost sap * And ddic passwords:
1) Logon As DB admin (on Oracle: ora, for Informix: Informix)
2.) run the SQL program of your database (on Oracle: sqlplus, for Informix: dbaccess)
3 .) important: Make a current snapshot of the table. do an export on table usr02 (Oracle: Use the command exp, Informix: Use dbexport )... alternative: Create a table copy of usr02 this will be used if anything goes wrong.
4 .) now do a SELECT command on table usr02. the idea is to check if sap * is present in the client you want. (command: Select * From usr02 where mandt = 'xxx' and bname = 'sap *'... mandt here is the client )... this is an optional step...
5 .) the next step is to make a copy of the sap * Table Record (to be used on step #9 ). for Oracle, create a temporary table with usr02 structure and insert the value sap * from the client that you want. for Informix, you may just copy the exported usr02 data and edit it using VI to delete other records other than sap *.. or use the same steps as in Oracle.
6.) Delete the record sap * on the required client only on table usr02. (command: delete from usr02 where mandt = 'xxx' and bname = 'sap *').
Commit the changes, if needed.
7 .) now logon to sap. use the ID sap * and password pass (or 06071992 ). you can now edit the password for the ddic user ID. you have to create a user ID or give authorization to ddic (if needed) to access transaction su01.
Code
For example, in my sap IDES system, I can do like below step:
User ddic can be unlocked using any user who has administration privelages (example: SAP *) using su01.
Infact as Benjamin said you cannot recover the encrypted password from SQL database, the only alternative is unlock and reset the password.
There is one situation where in you have to use a SQL query, that is when u create a new client and sap * User get locked, since you have no other user to unlock it (assuming you are logging in for the first time and got sap * locked)
SQL query is as follows:
Delete from er1.usr02 where bname = 'ddic' and mandt = '000'
This is possible because the sap * user is hardcored to kernel, When you delete this user from database, SAP automatically gets this user from the kernel.