We ESPed the release that introduced mixed case passwords and phrases; 1.7 I believe. We tested on our sandbox under controlled conditions and were satisfied that the new features worked as expected. However, we never went to production for reasons already suggested:
1 No support *at that time* from CA TPX. We never found any other application that would not have worked, but TPX was enough. 2 Difficulty of falling back to old password rules once a password had been changed to mixed case. We would have had to manually set the password back to upper case in order to be usable. TPX apparently now supports mixed case and phrases. Number 2 is still a major buzz kill. Given the huge number of possible upper case password permutations including letters, numbers, and nationals, and given the severe limit on password tries before revocation, we could not justify such a sizable risk. As for SSO, those folks who logon to mainframe and some other platform can easily chose an 8 character password with mixed case for Windows, Unix, etc., and use the same password on mainframe with no ill effects because mainframe logon will translate the entered password into upper case transparently. . . JO.Skip Robinson Southern California Edison Company Electric Dragon Team Paddler SHARE MVS Program Co-Manager 626-302-7535 Office 323-715-0595 Mobile [email protected] From: Don Poitras <[email protected]> To: [email protected], Date: 03/18/2013 12:43 PM Subject: Re: Long Passwords Sent by: IBM Mainframe Discussion List <[email protected]> We added to SAS. It will be in the next release. In article <caklc0fko6j-x9cgwoxm_k5bi7z+a9rwmj+rk_4vb6jmr+fn...@mail.gmail.com> you wrote: > This is VERY true. The application will have to support it. However, the > world seems to be moving to SSO and if it is to get there... then z/os will > have to play on the long password field. I expect most, if not all, > standard IBM products will use either in time. > On Mon, Mar 18, 2013 at 3:23 PM, R.S. <[email protected]>wrote: > > W dniu 2013-03-18 20:16, Toole, Michael pisze: > > > >> So you're only using them for TSO? I thought you would have to use them > >> for everything if you turned them on? > >> > > > > It CANNOT be used "for everything". > > Reason: some of "everything" do not support long passwords. > > > > IMHO it is an issue for "unwashed masses" of regular users, not technical > > staff. And most of regular users use ONE application (CICS or IMS), so they > > are not interested in ftp, TSO, NETVIEW or JCL. > > > > > > > > -- > > Radoslaw Skorupka > > Lodz, Poland -- Don Poitras - SAS Development - SAS Institute Inc. - SAS Campus Drive [email protected] (919) 531-5637 Cary, NC 27513 ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
