Michael Brennan<https://www.mail-archive.com/[email protected]&q=from:%22Michael+Brennan%22> wrote:
>Both ACF2 and Top Secret have common phrases that can not be >used for passwords and you can add or subtract from the list. >You would think RACF would have the same. I have not dug through >the RACF manuals to determine if it does or not. RACF has a new-passphrase exit called ICHPWX11. IBM provides a sample exit routine, and you can use REXX to run whatever passphrase quality checks you wish. The REXX script could even make an external (or “external”) network call to check the passphrase against some database. But you’d have to write and maintain this REXX code, and it wouldn’t provide multi-factor authentication. It’d merely help strengthen new passphrase selections. https://www.ibm.com/docs/en/zos/3.1.0?topic=users-assigning-password-phrases ————— Timothy Sipples Senior Architect Digital Assets, Industry Solutions, and Cybersecurity IBM Z/LinuxONE, Asia-Pacific [email protected] ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
