You can now apply password restrictions based on strings within the passwords. Specifying the RT option in the NEWPW control option prohibits passwords that contain any string that matches an entry from the restricted password list.
Note: The restriction applies regardless of where the string occurs within the password. For complete information about using the NEWPW option to enforce password restrictions (or using the RPW option to manage the restricted password list), see the CA Top Secret Control Options Guide.
Example: Deny Password Use Based on a PGMR String
This example prevents a user from specifying a new password that contains one of the entries in the restricted password list. The entry can be any string that occurs within the password.
TSS MODIFY NEWPW(MIN=04,MAX=008,WARN=03,MINDAYS=01,NR=0,ID,TS,RT)
For this example, the restricted password list contains the entry PGMR. Later, a user needs a password change and tries to use the password STARPGMR; however, PGMR exists in the restricted password list, making the password unacceptable. If the ACID tries 12PGMR34 as the new password, the same rejection occurs.
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|