Just as there is a default client, every installed R/3 System contains default users that have specific predefined authorizations
Client User Default Password
000 SAP* 06071992
000 DDIC 19920706
001 SAP* 06071992
001 DDIC 19920706
066 EARLYWATCH SUPPORT
If You try to delete the user SAP* and DDIC, the password is reset to the password in the R/3 kernel, PASS. The users themselves are retained. This is constitutes a gap in security.
To overcome this we user to Restrict the login on USER SAP*. Through SAP Profile Management.