> -----Original Message----- > From: IBM Mainframe Discussion List On Behalf Of Binyamin Dissen > > On Mon, 29 Nov 2010 04:39:54 -0600 Brian Westerman > <brian_wester...@syzygyinc.com> wrote: > > :>It's kind of difficult to use a brute force attack when RACF revokes the ID > :>after a site specified number of attempts. Assuming the site doesn't allow > :>1 or 2 character passwords (you don't do you), even if the site were to > :>allow 100 attempts, it's statistically a REALLY long shot to guess the > :>password. I would imagine that most sites have 3 or 4 as the number of > :>attempts, making the probability for success of a brute force attack too > :>remote to consider as they wouldn't even get out of the single character > :>attempts. > > If you have the offload, you can make as many attempts as you wish.
But the "offload" (did you mean "unload", as produced by IRRDBU00?) doesn't contain the password.... If you meant "backup", then your point is valid. -jc- ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html