Re: How to display Stars for Password in ISPF
On Sat, 9 May 2009 16:28:48 -0400, Tony Harminc wrote:

>2009/5/8 Paul Gilmartin :
>
>> Sigh. If IBM users were serious about this sort of thing, they'd
>> submit a Requirement that LOGON not distinguish between invalid
>> user ID and valid user ID with invalid password, reducing the
>> exhaustive search space from M*N to M+N.
>
>That requirement would have to go against the various products that
>issue SAF calls. There is nothing to stop any product that does logons
>from being as vague as it likes about why the user can't log on.

It could go against RACF, I think. We could simply give the "bad password" return code for all authentication failures. SMF records and ICH408I messages would still need to stay the same as they are, to provide proper auditing and troubleshooting, but the applications wouldn't know. We would probably need to change the error messages that we let applications retrieve from RACROUTE, too, in case they display them to the user.

So it's non-trivial, but could be done in one central spot.

Of course, you'd need a larger help desk support staff to handle the increased number of calls from users.

--
Walt Farrell, CISSP
IBM STSM, z/OS Security Design

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
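The split described in the message above (one failure code for callers, full detail kept for audit), sketched in Python as an added example that is not part of the thread and is not RACF code. The user IDs, passwords, return-code values and reason names are constructed for the sketch, and the dummy-hash step goes beyond the message: it keeps response time from revealing what the return code hides.

```python
import hashlib
import hmac
import os

def _hash(password: str, salt: bytes) -> bytes:
    # Iteration count kept low so the demo runs quickly.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000)

def _make_user(password: str, revoked: bool = False) -> dict:
    salt = os.urandom(16)
    return {"salt": salt, "hash": _hash(password, salt), "revoked": revoked}

# Constructed sample user database (hypothetical IDs and passwords).
USERS = {"IBMUSER": _make_user("s3cret!"),
         "OLDUSER": _make_user("pw", revoked=True)}
_DUMMY = _make_user("unused")  # hashed against when the user ID is unknown

AUTH_OK, AUTH_FAILED = 0, 8    # hypothetical: the only codes a caller sees
AUDIT_LOG = []                 # plays the role of the SMF / ICH408I audit trail

def authenticate(userid: str, password: str) -> int:
    record = USERS.get(userid)
    # Same hashing work whether or not the user ID exists.
    ref = record or _DUMMY
    match = hmac.compare_digest(_hash(password, ref["salt"]), ref["hash"])
    if record is None:
        reason = "UNKNOWN_USER"
    elif record["revoked"]:
        reason = "REVOKED_USER"
    elif not match:
        reason = "BAD_PASSWORD"
    else:
        reason = "OK"
    # Auditors still get the specific reason; the caller does not.
    AUDIT_LOG.append({"userid": userid, "reason": reason})
    return AUTH_OK if reason == "OK" else AUTH_FAILED

def caller_message(rc: int) -> str:
    # Text shown at the terminal: identical for every kind of failure.
    return "Logon successful" if rc == AUTH_OK else "User ID or password invalid"
```
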
Re: How to display Stars for Password in ISPF
Chase, John wrote:

>"You can't make it idiot-proof." :-)

Idiot-proof is to make it "extremely easy to operate or maintain", according to http://mw1.m-w.com/dictionary/idiotproof

Look up this link below if you're bored... ;-D

http://c2.com/cgi/wiki?IdiotProofProcess

;-D

Groete / Greetings
Elardus Engelbrecht
Re: How to display Stars for Password in ISPF
In a message dated 5/11/2009 8:48:21 A.M. Central Daylight Time, jch...@ussco.com writes:

"You can't make it idiot-proof." :-)

>>

One more and I'm back to work or whatever we call it these days...Assistant Math Department Head calls 'What are we doing? What can't he get to Student Records? Just a tirade...so got the PC guy, the manager, and the director and walk up three flights of stairs to Math department. Dark screen on PC. So PC guy pops in a Win/98 diskette and gets it to boot. Long story short-his hard drive had been swiped over the holidays. Couple hours rebuild and he was back in business. Backups you say?

Rainy day Mondays
Re: How to display Stars for Password in ISPF
> -Original Message-
> From: IBM Mainframe Discussion List On Behalf Of Ed Finnell
>
> In a message dated 5/8/2009 4:06:15 P.M. Central Daylight Time,
> esst...@juno.com writes:
>
> You could set the attribute of a Password field as DARK UNPROTECTED or
> DARK FSET. The Data would not be displayed and will be returned to the
> application program.
>
> >>
> Set background and foreground to same color? Don't laugh, had a SevCrit
> from a frustrated user wanting to know why the M/F was down?
> Well nothing we had showed it was even busy. Off to the races...manager
> and VP in tow. Yep, 'I like blue...' set for foreground and background in the
> emulator.

"You can't make it idiot-proof." :-)

-jc-
Re: How to display Stars for Password in ISPF
On Fri, 8 May 2009 15:18:50 -0400 Tony Harminc wrote:

:>2009/5/8 Lizette Koehler :
:>> I am trying to create a panel that has something like a password field. When you enter the password, it replaces the characters as they are typed from source to "stars".
:>> Is this possible? Or is INTENS(NON) my only option?

:>Surely even if the hardware was capable,

The hardware is capable (if direct attached).

Of course one would need some lower level I/O to constantly read the screen buffer and write out the *s at the correct location.

--
Binyamin Dissen
http://www.dissensoftware.com

Director, Dissen Software, Bar & Grill - Israel

Should you use the mailblocks package and expect a response from me, you should preauthorize the dissensoftware.com domain.

I very rarely bother responding to challenge/response systems, especially those from irresponsible companies.
Re: How to display Stars for Password in ISPF
2009/5/8 Paul Gilmartin :

> Sigh. If IBM users were serious about this sort of thing, they'd
> submit a Requirement that LOGON not distinguish between invalid
> user ID and valid user ID with invalid password, reducing the
> exhaustive search space from M*N to M+N.

That requirement would have to go against the various products that issue SAF calls. There is nothing to stop any product that does logons from being as vague as it likes about why the user can't log on.

Tony H.
Re: How to display Stars for Password in ISPF
On Fri, 8 May 2009 15:18:50 -0400, Tony Harminc wrote:

>2009/5/8 Lizette Koehler :
>> I am trying to create a panel that has something like a password field.
>> When you enter the password, it replaces the characters as they are typed
>> from source to "stars".
>>
>> Is this possible? Or is INTENS(NON) my only option?
>
If you're using a terminal emulator for which you have the source code, then Happy Hacking!

>Surely even if the hardware was capable, using stars would be less
>secure against shoulder surfing than the current blanks. It's a lot
>easier to see how many stars have been typed than how many blanks.
>
This removes perhaps two bits of entropy from the password space (or alerts the shoulder surfer to someone's foolishly using a one-character password.)

Sigh. If IBM users were serious about this sort of thing, they'd submit a Requirement that LOGON not distinguish between invalid user ID and valid user ID with invalid password, reducing the exhaustive search space from M*N to M+N.

-- gil
Re: How to display Stars for Password in ISPF
In a message dated 5/8/2009 4:06:15 P.M. Central Daylight Time, esst...@juno.com writes:

You could set the attribute of a Password field as DARK UNPROTECTED or DARK FSET. The Data would not be displayed and will be returned to the application program.

>>

Set background and foreground to same color? Don't laugh, had a SevCrit from a frustrated user wanting to know why the M/F was down? Well nothing we had showed it was even busy. Off to the races...manager and VP in tow. Yep, 'I like blue...' set for foreground and background in the emulator.
Re: How to display Stars for Password in ISPF
2009/5/8 Lizette Koehler :

> I am trying to create a panel that has something like a password field. When
> you enter the password, it replaces the characters as they are typed from
> source to "stars".
>
> Is this possible? Or is INTENS(NON) my only option?

Surely even if the hardware was capable, using stars would be less secure against shoulder surfing than the current blanks. It's a lot easier to see how many stars have been typed than how many blanks.

I think Lotus Notes (of all things) has it right; it replaces each character with some random number of Xs from 1 to 4 as you type, so it is virtually impossible to tell how many have been keyed.

Tony H.
Re: How to display Stars for Password in ISPF
Lizette

You could set the attribute of a Password field as DARK UNPROTECTED or DARK FSET. The Data would not be displayed and will be returned to the application program.

As others have stated, it is a hardware limitation that won't allow you to put * in the field at the time one enters data.
Re: How to display Stars for Password in ISPF
Lizette,

In the native 3270 world, nothing is transmitted until , , , or key is pressed. To hide a password or similar values, ISPF uses non-display fields. The best that can happen is after is pressed, you can have your ISPF dialog change the field (or replace the field) with a display of asterisk characters. (Not necessarily useful.)

In the world of 3270 emulation, all the terminal emulation clients (that I'm aware of), mimic native 3270 methodology.

I would have to say, no.

Hayim
_
Hayim Sokolsky
Mainframe Security Architect
DTCC Corporate Information Security
18301 Bermuda Green Dr, MS 1-CIS
Tampa FL 33647-1760
Tel. (813) 470-2177

Lizette Koehler
Sent by: IBM Mainframe Discussion List
2009.05.08 13:24
Please respond to IBM Mainframe Discussion List
To IBM-MAIN@bama.ua.edu
cc
Subject How to display Stars for Password in ISPF

I am trying to create a panel that has something like a password field. When you enter the password, it replaces the characters as they are typed from source to "stars".

Is this possible? Or is INTENS(NON) my only option?

Lizette
Re: How to display Stars for Password in ISPF
On Fri, May 8, 2009 at 1:45 PM, Lizette Koehler wrote:

> I kinda thought that might be the answer. Maybe I will put in a Share
> Request for ISPF to do this.

Waste of time -- it's a hardware limitation and I don't think there's a whole lot of 3270 hardware enhancements likely. Yes, an emulator could add it, but that would be one of the 2 or 3 zillion emulators out there...
Re: How to display Stars for Password in ISPF
I kinda thought that might be the answer. Maybe I will put in a Share Request for ISPF to do this.

Hum

Lizette

-Original Message-
>From: "McKown, John"
>Sent: May 8, 2009 1:36 PM
>To: IBM-MAIN@bama.ua.edu
>Subject: Re: How to display Stars for Password in ISPF
>
>> -Original Message-
>> From: IBM Mainframe Discussion List
>> [mailto:ibm-m...@bama.ua.edu] On Behalf Of Lizette Koehler
>> Sent: Friday, May 08, 2009 12:25 PM
>> To: IBM-MAIN@bama.ua.edu
>> Subject: How to display Stars for Password in ISPF
>>
>> I am trying to create a panel that has something like a
>> password field. When you enter the password, it replaces the
>> characters as they are typed from source to "stars".
>>
>> Is this possible? Or is INTENS(NON) my only option?
>>
>> Lizette
>
>INTENS(NON) is basically your only option. Remember that 3270 protocol is
>"block oriented" and so it cannot respond to each individual keystroke the way
>that the PC or UNIX terminal can. What would be interesting would be an
>enhancement to the 3270 protocol to specify what the "replacement characters"
>is for a non-display field.
>
>--
>John McKown
>Systems Engineer IV
>IT
>
>Administrative Services Group
>
>HealthMarkets(r)
>
>9151 Boulevard 26 * N. Richland Hills * TX 76010
>(817) 255-3225 phone * (817)-961-6183 cell
>john.mck...@healthmarkets.com * www.HealthMarkets.com
Re: How to display Stars for Password in ISPF
> -Original Message-
> From: IBM Mainframe Discussion List
> [mailto:ibm-m...@bama.ua.edu] On Behalf Of Lizette Koehler
> Sent: Friday, May 08, 2009 12:25 PM
> To: IBM-MAIN@bama.ua.edu
> Subject: How to display Stars for Password in ISPF
>
> I am trying to create a panel that has something like a
> password field. When you enter the password, it replaces the
> characters as they are typed from source to "stars".
>
> Is this possible? Or is INTENS(NON) my only option?
>
> Lizette

INTENS(NON) is basically your only option. Remember that 3270 protocol is "block oriented" and so it cannot respond to each individual keystroke the way that the PC or UNIX terminal can. What would be interesting would be an enhancement to the 3270 protocol to specify what the "replacement characters" is for a non-display field.

--
John McKown
Systems Engineer IV
IT

Administrative Services Group

HealthMarkets(r)

9151 Boulevard 26 * N. Richland Hills * TX 76010
(817) 255-3225 phone * (817)-961-6183 cell
john.mck...@healthmarkets.com * www.HealthMarkets.com
How to display Stars for Password in ISPF
I am trying to create a panel that has something like a password field. When you enter the password, it replaces the characters as they are typed from source to "stars".

Is this possible? Or is INTENS(NON) my only option?

Lizette