Re: V5R1 DST passwords -- MIDRANGE-L


From my perspective, this should be fully under the owner's control, as it
is in OS/400.

Al

Al Barsa, Jr.
Barsa Consulting Group, LLC

400>390

914-251-1234
914-251-9406 fax

http://www.barsaconsulting.com
http://www.taatool.com





                                                                                
                                         
                    "Jim Franz"                                                 
                                         
                    <franz400@triad.rr.        To:     
<MIDRANGE-L@midrange.com>                                         
                    com>                       cc:                              
                                         
                    Sent by:                   Subject:     Re: V5R1 DST 
passwords                                       
                    owner-midrange-l@mi                                         
                                         
                    drange.com                                                  
                                         
                                                                                
                                         
                                                                                
                                         
                    07/08/01 11:21 AM                                           
                                         
                    Please respond to                                           
                                         
                    MIDRANGE-L                                                  
                                         
                                                                                
                                         
                                                                                
                                         




How can we participate in this new age of computing with
factory passwords & non-expiring passwords. I have and
continue to try and educate network techs on the danger of
any default or well-known passwords. We continue to make
fun of Microcrash's weekly list Cert advisories (as well as
Linux). There is no defense for factory passwords. We claim
the be more secure than any other business server, out of the
box. Can't have it both ways.
jim

----- Original Message -----
From: <barsa@barsaconsulting.com>
To: <MIDRANGE-L@midrange.com>
Sent: Sunday, July 08, 2001 10:36 AM
Subject: RE: V5R1 DST passwords


>
> To make matters worse, you password has to be different from the last 4
> passwords.
>
> Al
>
> Al Barsa, Jr.
> Barsa Consulting Group, LLC
>
> 400>390
>
> 914-251-1234
> 914-251-9406 fax
>
> http://www.barsaconsulting.com
> http://www.taatool.com
>
>
>
>
>
>
>                     "Hall, Philip"
>                     <phall@spss.com>           To:
"'MIDRANGE-L@midrange.com'" <MIDRANGE-L@midrange.com>
>                     Sent by:                   cc:
>                     owner-midrange-l@mi        Subject:     RE: V5R1 DST
passwords
>                     drange.com
>
>
>                     07/07/01 11:49 PM

>                     Please respond to
>                     MIDRANGE-L
>
>
>
>
>
>
> > They've added the CHGDSTPWD command to reset DST QSECOFR to
> > QSECOFR. Now
> > here's the kicker - the password for DST is case sensitive
> > (as I forgot
> > today, typing in qsecofr time and time again when only
> > QSECOFR will work).
> >  You then need to change the password, but it seems that this
> > follows its
> > own rules - even if QPWDRQDDIF is set to 0, you can't
> > duplicate an old
> > password for the DST profile.
> >
> > So pretty easily, DST password management can become an issue
> > - especially
> > since you may not be going into SST that often.
>
> If I remember correctly, the passwords also auto expire after 180 days,
to
> give you even more of a potential headache...
>
> --phil
> +---
> | This is the Midrange System Mailing List!
> | To submit a new message, send your mail to MIDRANGE-L@midrange.com.
> | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
> | To unsubscribe from this list send email to
> MIDRANGE-L-UNSUB@midrange.com.
> | Questions should be directed to the list owner/operator:
> david@midrange.com
> +---
>
>
>
>
> +---
> | This is the Midrange System Mailing List!
> | To submit a new message, send your mail to MIDRANGE-L@midrange.com.
> | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
> | To unsubscribe from this list send email to
MIDRANGE-L-UNSUB@midrange.com.
> | Questions should be directed to the list owner/operator:
david@midrange.com
> +---

+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to
MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator:
david@midrange.com
+---




+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---