Use of password controls is refined by using the PASSWORD attribute on each user ACID. The available options are:
Specifies a password for a user ACID to be used the next time the user signs on.
Specifies that an ACID does not require a password. CA recommends that this be used only when necessary. It should never be used for ACIDs that have access to online facilities. ACID names are often commonly known in an organization, and an ACID with the no password attribute (NOPW) is virtually unprotected.
Specify the interval at which a password must be revised. The user is forced to change his password at the defined interval. If you have decided not to allow the user to change his own password, the CA Top Secret security administrator must replace the password before or when the password expires, or the user's ACID will become unusable. If no interval is specified, the default interval is the value set through the PWEXP control option.
This parameter expires the password the first time the associated ACID is used. This establishes and encourages confidentiality of passwords as quickly as possible. CA recommends that organizations choosing to allow users to change their own passwords use this parameter whenever passwords are created or replaced so that the administrator will not know what the password is after the user first uses the ACID.
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|