Password History

Posted: Sat Oct 31, 2020 3:14 pm
by mehi1353
Hi friends,

We have activated password history in our z/OS environment: users cannot re-use their "10" old passwords.
This acts correctly on the TSO logon panel.
But with the ALTUSER command, special users can change passwords to any old passwords, without any problem! (password history is bypassed!)

Why does that happen, and what can we do to prevent bypassing "password history"?

Thanks in advance,
Mehrdad

Re: Password History

Posted: Sat Oct 31, 2020 5:35 pm
by steve-myers
Generally speaking, RACF users with the SPECIAL attribute can do as they please, and that includes bypassing password history. This does not extend to all cases. For example, password history is not bypassed when changing their password in the LOGON panel. I do not know what would happen if they attempt to change their password with ALTUSER.