I once suggested to management that we secure our z/OS user profiles. At the time they were used as EMAIL addresses as well. I explained the scenario of "rotating IDs" as Mike suggested it could lead to a DoS exploitation. Naturally the EMAIL people prevailed.....sigh.
-----Original Message----- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Mike Schwab Sent: Monday, January 05, 2015 2:21 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: CANCEL TSO Logon? On Mon, Jan 5, 2015 at 9:45 AM, Vernooij, CP (ITOPT1) - KLM <kees.verno...@klm.com> wrote: > What is the point in trying to find a valid userid, if the userid will be > suspended after trying 3 invalid passwords (in our situation)? > > Kees. > But not if you keep rotating IDs. It is three in a row for the same ID. -- Mike A Schwab, Springfield IL USA Where do Forest Rangers go to get away from it all? ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
