On Wed, 24 Apr 2019 19:18:49 -0500, Walt Farrell wrote: >On Wed, 24 Apr 2019 12:10:59 -0500, John McKown wrote: > >>... I guess the developers went with the easy to test rule of "8 or >>less is a PASSWORD, larger is a PASSPHRASE". But that's just a guess on my >>part. > >Not so that RACF will know, but so the application calling RACF will know. The >application needs to know whether the user entered a password or password >phrase so it can indicate that to RACF. (And, I suppose, so the application >developers can decide when/whether to support password phrases.) > It could have been made compatible by merging the password and passphrase tables and preserving both interfaces.
>Additionally, password phrases get some strength from an increased number of >characters supported, but primarily from increased length. The initial >implementation required at least 14 characters for that reason, unless the >installation wanted to provide an exit overriding that to a smaller value, 9 >to 13. > Or that could have been 1 to 13, depending on how imprudent the admins. -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
