Happy Holidays my friend


Regards,

Scott

From: Charles Mills
Sent: Monday, December 29, 2014 8:56 AM
To: [email protected]

Why force your users to change passwords at all? I know "everyone does it"
but what problems does it solve?

1. Bob needs access to some dataset that his userid does not grant. So Alice
loans him her logon credentials. Forcing Alice to change her password
prevents Bob from continuing to masquerade as Alice.

2. Bob hangs out in Alice's cubicle while she logs on. Every day he is able
to glimpse a little of her password until he has the whole thing figured
out. Forcing Alice to change her password periodically ameliorates this
problem.

But for (1.) a better solution is giving Bob the access his job requires and
for both problems a better solution is training Alice.

The big negatives of forced password change are that studies have shown that
people forced to change passwords choose progressively weaker passwords, and
are more compelled to write them down.

http://cryptosmith.com/password-sanity/exp-harmful/ 

Charles

-----Original Message-----
From: IBM Mainframe Discussion List [mailto:[email protected]] On
Behalf Of [email protected]
Sent: Monday, December 29, 2014 6:29 AM
To: [email protected]
Subject: RACF password history was: AW: //STARTING JOB ...

> Check out the SETROPTS HISTORY and MINCHANGE options if you haven't
> already.

Thanks, Tom! I did that and set history accordingly. No need for an exit,
then! I would set MINCHANGE only if I see that someone tries to change the
many passwords that are now kept to get to the (n+1)th password.

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
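
The interaction between a password history list and a minimum change interval discussed in this thread, as an added example (not part of any poster's message and not RACF code): a simplified Python model of how quickly a user can cycle back to an old password, plus a check over change events for that cycling. The `Account` model, the function names and the sample events are assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

class Account:
    """Simplified model (an assumption, not RACF code): the last `history`
    passwords are remembered, with a minimum number of days between changes."""
    def __init__(self, password, history, minchange_days, now):
        self.current, self.changed_at = password, now
        self.old = deque(maxlen=history)        # oldest entry drops off
        self.minchange = timedelta(days=minchange_days)

    def change(self, new, now):
        if now - self.changed_at < self.minchange:
            return "too soon"
        if new == self.current or new in self.old:
            return "in history"
        self.old.append(self.current)
        self.current, self.changed_at = new, now
        return "ok"

def days_to_reuse(history, minchange_days):
    """Cycle throwaway passwords until the original is accepted again.
    Returns (number of changes made, days elapsed)."""
    start = datetime(2014, 12, 29)
    acct = Account("original", history, minchange_days, start)
    changes = 0
    while True:
        now = acct.changed_at + acct.minchange  # earliest permitted moment
        changes += 1
        if acct.change("original", now) == "ok":
            return changes, (now - start).days
        acct.change(f"throwaway{changes}", now)

def flag_rapid_cycling(events, history, window=timedelta(days=1)):
    """events: (userid, datetime) per password change. Returns users with
    more than `history` changes inside any one `window`."""
    by_user = defaultdict(list)
    for user, ts in events:
        by_user[user].append(ts)
    return sorted(user for user, stamps in by_user.items()
                  if any(b - a <= window for a, b in
                         zip(sorted(stamps), sorted(stamps)[history:])))

# Constructed sample events; the userids are made up.
SAMPLE = ([("ALICE", datetime(2014, 12, 29, 9, m)) for m in range(5)]
          + [("BOB", datetime(2014, 12, 1)), ("BOB", datetime(2014, 12, 29))])

if __name__ == "__main__":
    print(days_to_reuse(3, 0), days_to_reuse(3, 7))
    print(flag_rapid_cycling(SAMPLE, history=3))
```

In this model a history of 3 with no minimum interval is cycled in zero days, while a 7-day interval stretches the same cycle to 35 days.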
