If you are using RACF, SAF, CA ACF2, or CA Top Secret, you can set the product to bypass new password verification. Normally, users are prompted to re-enter their new passwords after they enter them the first time. When this option is set, they do not have to re-enter the password.
Important! If you use this option a possible security problem exists. An unauthorized user could fill in the new password field on a Logo panel. Then another user could sign on normally, entering their user ID and password. Because the new password field has been filled and is not verified, that new password will go into effect without the user's knowledge.
Also, if a user makes a mistake while entering the new password, there is no way to verify the password before it takes effect.
To bypass verification, specify Y in the Bypass New Pswd Reverification field of the System Options Table (SMRT).
|
Copyright © 2013 CA.
All rights reserved.
|
|