Use CHGCMDDFT and change the password default to *NONE. 

It took a while, but I finally got management to make the standard that
a profile is always created with *NONE as the password. When the user is
ready to sign on for the first time, they are to call the helpdesk, at
which time, a one-time password is given, with the requirement that it
be changed when they sign on. 

Before that, since everyone knew that a new profile had the profile name
as password, it was a HUGE security hole. Don't know if anyone crawled
through it or not, but they can't now.

OTOH, there are have been a few times when there ended up being a
default password, but I have a set of programs from SkyView Partners
that runs every morning, and that's one of the things I am informed of.
It's changed as soon as I see it in the morning.


-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of rob@xxxxxxxxx
Sent: Thursday, November 09, 2006 10:24 AM
To: Midrange Systems Technical Discussion
Subject: RE: iSeries Security in Computerworld

Same as everyone else out there, look at the default for password on
CRTUSRPRF.  We get some who says "we gotta have a signon for ...".  Then
they never actually sign on and change their password.

Rob Berendt
Group Dekko Services, LLC
Dept 01.073
PO Box 2000
Dock 108
6928N 400E
Kendallville, IN 46755

"Joe Pluta" <joepluta@xxxxxxxxxxxxxxxxx> 
Sent by:
11/09/2006 10:05 AM
Please respond to
Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>

"'Midrange Systems Technical Discussion'" <midrange-l@xxxxxxxxxxxx>

RE: iSeries Security in Computerworld

Rob, I don't count your shop as "typical" :).  For example, how in the 
did you manage to create 111 enabled default password accounts?  Seems 
you have a SERIOUS issue. 


From: rob@xxxxxxxxx


Do we count as a client, I seem to recall writing a check...
CPC2232 - 119 user profiles have default passwords of which 111 have
status of *ENABLED.
Total number of user profiles =796.  Seems to be greater than 1 out of


This thread ...


Return to Archive home page | Return to MIDRANGE.COM home page