On 01/05/2015 05:56 PM, Lou Losee wrote:
> Hopefully all of your started proc user ids are PROTECTED otherwise those 3
> invalid password attempts could cause you big problems.
>
> Lou
>
> --
> Artificial Intelligence is no match for Natural Stupidity
> - Unknown
>
> On Mon, Jan 5, 2015 at 2:21 PM, Mike Schwab <[email protected]> wrote:
>
>> On Mon, Jan 5, 2015 at 9:45 AM, Vernooij, CP (ITOPT1) - KLM
>> <[email protected]> wrote:
>>> What is the point in trying to find a valid userid, if the userid will be suspended after trying 3 invalid passwords (in our situation)?
>>>
>>> Kees.
>>>
>> But not if you keep rotating IDs. It is three in a row for the same ID.
>>
>> --
>> Mike A Schwab, Springfield IL USA
>> Where do Forest Rangers go to get away from it all?
>>

No, it's not three failed attempts in a row from the same source for the same ID; it's three failed logon attempts (if that is the limit) for the same ID before the next successful logon authentication for that same ID, whether the logon attempts are spread over seconds, hours, or days, and across all possible MVS systems and applications that might be requesting userid authentication. If your hack attempt rotates through all known userids more than three times in the same day on a system where the average userid is only authenticated one or two times a day, the odds are you will start revoking some userids during the third pass (and start potentially being noticed). For a userid that only has one legitimate logon per week, three bad attempts spread across a week would be sufficient to cause a revoke. At a max of three bad password hack attempts per ID per day, how many years does that take to have reasonable odds of hacking any individual userid?
How do installation rules that force users to change their password every 60 to 90 days affect the odds of that success, since there is a non-zero probability a user could change to a password value the hacker had already attempted and will never try again because he already "knows" it is invalid?

--
Joel C. Ewing, Bentonville, AR [email protected]
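
The counting rule described in the reply above, as an added example that is not part of the original thread: a simplified model (not RACF's own code) of a per-userid failure counter that only a successful logon resets, replayed over constructed logon events to show which IDs end up revoked. The userids, system names and the `replay` / `sample_events` functions are assumptions made for illustration.

```python
from collections import defaultdict


def replay(events, limit=3, protected=frozenset()):
    """Replay (day, system, userid, ok) logon events in order.

    Returns {userid: day_revoked}. The failure count is kept per userid only:
    the requesting system and the time between attempts play no part, and
    only a successful authentication for that userid resets the count.
    """
    failures = defaultdict(int)
    revoked_on = {}
    for day, _system, userid, ok in events:
        # Model assumption, following the thread: a PROTECTED ID has no
        # password, so bad guesses are not counted against it.
        if userid in protected or userid in revoked_on:
            continue
        if ok:
            failures[userid] = 0
        else:
            failures[userid] += 1
            if failures[userid] >= limit:
                revoked_on[userid] = day
    return revoked_on


def sample_events(days=7):
    """Constructed data: one bad guess per ID per day, arriving via varying systems."""
    events = [(0, "SYSA", "WEEKLY", True)]           # last legitimate weekly logon
    for day in range(1, days + 1):
        system = ("SYSA", "SYSB", "SYSC")[day % 3]   # source changes from day to day
        for userid in ("DAILY", "WEEKLY", "STCUSR", "STCPROT"):
            events.append((day, system, userid, False))
        events.append((day, "SYSA", "DAILY", True))  # owner logs on every day
    return events


if __name__ == "__main__":
    result = replay(sample_events(), protected={"STCPROT"})
    for uid, day in result.items():
        print(f"{uid} revoked on day {day}")
```

In this constructed run the ID with a daily legitimate logon is never revoked, while the weekly user and the unprotected started-task ID are both revoked on the third day, even though no ID saw more than one bad attempt per day.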
