How Does CA ACF2 for z/VM Work? › CA ACF2 for z/VM Privileges › Passwords
Passwords
Every logonid must have an associated password. Before processing the password information, CA ACF2 for z/VM encrypts it in a one‑way method that cannot be deciphered. CA ACF2 for z/VM never displays a password, either in its encoded or clear text form. You can specify password controls in the PSWD VMO record. The following describes some of the controls you can implement:
- The number of times you can enter an incorrect password in a single day for a given logonid before the logonid is suspended.
- The maximum number of days allowed before you must change a password to a different one.
- The minimum number of days that you must keep your password before you can change it again.
- The number of days before password expiration when CA ACF2 for z/VM issues a warning at logon to change the password on each system access.
- The minimum number of characters required for a password.
- Whether you can modify your own password at system entry time.
- Whether to use a password exit to gain control when you enter a new password at system entry or with the ACF command. This exit can deny the new password.
- Decide how many previous passwords are to be stored in history.
- Support z/OS UNIX and mainframe Linux uses of mixed-case passwords.
Copyright © 2009 CA Technologies.
All rights reserved.
|
|