Discussion:
passphrases
(too old to reply)
Steve Beaver
2018-01-11 13:15:56 UTC
Permalink
Raw Message
Has anyone done anything with passphrases beyond TSO?

Thanks in advance

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to ***@listserv.ua.edu with the message: INFO IBM-MAIN
Jousma, David
2018-01-11 14:01:45 UTC
Permalink
Raw Message
We've tested them in TSO, CICS, and CA-Roscoe within our own group. Nothing been rolled to the masses yet. We are also working on CA MFA as well.

_________________________________________________________________
Dave Jousma
Manager Mainframe Engineering, Assistant Vice President
***@53.com
1830 East Paris, Grand Rapids, MI  49546 MD RSCB2H
p 616.653.8429
f 616.653.2717


-----Original Message-----
From: IBM Mainframe Discussion List [mailto:IBM-***@LISTSERV.UA.EDU] On Behalf Of Steve Beaver
Sent: Thursday, January 11, 2018 8:17 AM
To: IBM-***@LISTSERV.UA.EDU
Subject: passphrases

**CAUTION EXTERNAL EMAIL**

**DO NOT open attachments or click on links from unknown senders or unexpected emails**

Has anyone done anything with passphrases beyond TSO?

Thanks in advance

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions, send email to ***@listserv.ua.edu with the message: INFO IBM-MAIN **CAUTION EXTERNAL EMAIL**

**DO NOT open attachments or click on links from unknown senders or unexpected emails**



This e-mail transmission contains information that is confidential and may be privileged. It is intended only for the addressee(s) named above. If you receive this e-mail in error, please do not read, copy or disseminate it in any manner. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated.

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to ***@listserv.ua.edu with the message: INFO IBM-MAIN
Don Poitras
2018-01-11 15:29:32 UTC
Permalink
Raw Message
Post by Steve Beaver
Has anyone done anything with passphrases beyond TSO?
Thanks in advance
We added support to SAS/Connect to use allow password phrases. This
was at version 9.4. I think we allowed mixed-case passwords either at
9.2 or 9.3.
--
Don Poitras - SAS Development - SAS Institute Inc. - SAS Campus Drive
***@sas.com (919) 531-5637 Cary, NC 27513

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to ***@listserv.ua.edu with the message: INFO IBM-MAIN
e***@gmail.com
2018-01-12 08:53:50 UTC
Permalink
Raw Message
On our sandbox system we have everyone on passphrase only. TSO, CICS, IMS and some third party products we use support it without any (major) issues.
Be aware that password and passphrase are two seperate entities, which you can use next to each other. So some people can have a password, some can have a passphrase or some can have both. Up to 8 positions are considered to be passwords, above that are passphrases. Normally passphrases must be >=14 positions, except when you use ICHPWX11 exit, or encrypt your RACF database with AESKDF - which I highly recommend doing - in which case it is >= 9 positions.

Kind regards,

Erik Janssen.
e***@gmail.com
2018-01-12 08:56:06 UTC
Permalink
Raw Message
Post by e***@gmail.com
On our sandbox system we have everyone on passphrase only. TSO, CICS, IMS and some third party products we use support it without any (major) issues.
Be aware that password and passphrase are two seperate entities, which you can use next to each other. So some people can have a password, some can have a passphrase or some can have both. Up to 8 positions are considered to be passwords, above that are passphrases. Normally passphrases must be >=14 positions, except when you use ICHPWX11 exit, or encrypt your RACF database with AESKDF - which I highly recommend doing - in which case it is >= 9 positions.
Kind regards,
Erik Janssen.
Ehh, KDFAES that is of course...

Loading...