On Wed, 14 Jan 2015 11:15:32 -0500, Hobart Spitz wrote: >Under z/VM, SFS has the capability for a user to have the ability to >grant/revoke access to files and directories that are owned by the user's >id. Thus, users can grant and revoke access to/from their own SFS >resources without the bother of involving a security staffer, addressing >(1) above. > >Perhaps there is a less known analogous feature in RACF or a requirement >that needs to be written and/or supported. > ACLs?
>On Mon, Dec 29, 2014 at 8:56 AM, Charles Mills wrote: >> >> The big negatives of forced password change are that studies have shown that >> people forced to change passwords choose progressively weaker passwords, and >> are more compelled to write them down. >> >> http://cryptosmith.com/password-sanity/exp-harmful/ >> Lately, I stumbled on a javascripted web page my employer 5 to 10 years ago used to suggest difficult passwords. The rule, enforced by LDAP was that a password must represent at least 3 of the 4 categories: o minuscule o numeric o special o majuscule The recommended generator did all 4. Of 8 characters (the enforced minumum): o 1-2 are minuscule o 3-5 are numeric o 6 is special o 7-8 are majuscule But is this an optimal defense against a brute-force search? -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
