Something about this makes me nervous. At a minimum you need @Gils's suggestion that the password not exist in your address space (or if it does you really, really know what you are doing).
And you need to make certain your code is not a vehicle for someone to mount a brute force attack while avoiding revocation. Charles -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Sam Golob Sent: Friday, January 8, 2021 9:19 AM To: [email protected] Subject: Code to verify LOGON password Dear Folks, Does anyone have user-written code for RACF, so that if the user types in a password, the code will verify if it is the user's actual LOGON password? I'd like to see code that does this, for ACF2 and Top Secret as well, but I'm primarily interested in RACF. Thank you very much. All the best of everything to all of you. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
