|
midrange.com
I've used a similar method, with a twist.
Write a CL program that accepts one parameter, the user profile in question.
Write a command that uses that CL as the command processor.
CL:
PGM PARM(&IDIOT)
DCL VAR(&IDIOT) TYPE(*CHAR) LEN(10)
DCL VAR(&DUMMY) TYPE(*CHAR) LEN(10) VALUE('DUMMY ')
CHKOBJ OBJ(QSYS/&IDIOT) OBJTYPE(*USRPRF)
MONMSG MSGID(CPF0000) EXEC(DO)
SNDPGMMSG MSGID(CPF9898) MSGF(QCPFMSG)
MSGDTA('Profile +
not found. Who''s the idiot now, +
dummy?') TOPGMQ(*PRV) MSGTYPE(*ESCAPE)
GOTO CMDLBL(ENDCLPGM)
ENDDO
CHGUSRPRF USRPRF(&IDIOT) PASSWORD(&DUMMY) PWDEXP(*YES)
MONMSG(CPF0000)
ENDCLPGM: ENDPGM
CMD:
CMD PROMPT('Set a Dummy Password')
PARM KWD(USRPRF) TYPE(*CHAR) LEN(10) MIN(1)
PROMPT('Idiot')
You might need to modify the &DUMMY value for your installation (e.g.
DUMMY1) and work out the authority for the operator. On the other hand, you
get to call the user a dummy with a straight face and prompting shows you
meant to say idiot. :-)
You type: "dummy jblow<ENTER>" and say "Joe your new password is 'dummy' but
don't take it personally."
Or you could be nicer than I am.
-----Original Message-----
From: Richard Jackson [mailto:richardjackson@richardjackson.net]
Sent: Wednesday, November 08, 2000 11:23 AM
To: MIDRANGE-L@midrange.com
Subject: RE: Password "Hint" Feasibility
Change the problem. Whenever someone calls, don't try to help them discover
their password, reset their password to the same as their userID and mark
the profile as "must change password on next log-on". Now you can skip the
whole "hint" technology and put the problem back in the lap of the users.
It should be pointed out that the users are trying to transfer their problem
to you. I would avoid that.
Richard Jackson
Richard Jackson and Associates Ltd.
IBM Business Partner
mailto:richardjackson@richardjackson.net
http://www.richardjacksonltd.com
Telephone: 1 (303) 808-8058
-|-----Original Message-----
-|From: owner-midrange-l@midrange.com
-|[mailto:owner-midrange-l@midrange.com]On Behalf Of L. S. Russell
-|Sent: Wednesday, November 08, 2000 12:02 PM
-|To: MIDRANGE-L@midrange.com
-|Subject: Re: Password "Hint" Feasibility
-|
-|
-|I would suggest that you look at some web sites which offer password
-|hints.
-|
-|Most sites make sure that the user verifies their ID before sending the
-|password. Some force the user to reply to an email which is sent to the
-|email address they used to sign-up initially. But it should be easier
-|to secure an Intranet application of this sort because, if your network
-|is behind a firwall and uses private side addressing, outsiders
-|shouldn't even see your Intranet.
-|
-|Then you only need to worry about disgruntled employees, and you are
-|back to square one because that is always a concern.
-|
-|John Hall wrote:
-|>
-|> mkrouse@co.ottawa.mi.us wrote:
-|> >
-|> > Call me paranoid, but it seems to me that you would be making it a lot
-|> > easier for some unscrupulous insider (or even hacker) to get
-|someone else's
-|> > password.
-|> >
-|> > Is your Help Desk really that busy that they can't handle the
-|volume? I
-|> > know ours isn't.
-|> >
-|>
-|> Now why do you say that ?? :)
-|>
-|> Just because there will be people who make the hint the same as the
-|> password ???
-|>
-|> Password : BOB
-|>
-|> Hint : My Password is BOB
-|>
-|> hmm - I think you must be paranoid !!!
-|>
-|> John Hall
-|> +---
-|> | This is the Midrange System Mailing List!
-|> | To submit a new message, send your mail to MIDRANGE-L@midrange.com.
-|> | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
-|> | To unsubscribe from this list send email to
-|MIDRANGE-L-UNSUB@midrange.com.
-|> | Questions should be directed to the list owner/operator:
-|david@midrange.com
-|> +---
-|+---
-|| This is the Midrange System Mailing List!
-|| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
-|| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
-|| To unsubscribe from this list send email to
-|MIDRANGE-L-UNSUB@midrange.com.
-|| Questions should be directed to the list owner/operator:
-|david@midrange.com
-|+---
+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator:
david@midrange.com
+---
+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
