Yes, the iSeries has a lot of potential Trojan Horses. However, after IBM has come up with all of the QPWD* system values, and if you still want to do your own verification, what else could they have done? Rob Berendt -- "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." Benjamin Franklin "Andy Nolen-Parkhouse" <aparkhouse@xxxxxxxxxxx> Sent by: midrange-l-bounces@xxxxxxxxxxxx 11/18/2003 11:42 AM Please respond to Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx> To "'Midrange Systems Technical Discussion'" <midrange-l@xxxxxxxxxxxx> cc Subject RE: iSeries passwords Rob, I agree that you're probably right. But this exit program is a user-written program which receives the old and new passwords as clear parameters and could do what it wants with them, including writing them to a database. While adding an exit point requires a little more sophistication to implement than just changing a system value, it requires the same level of authority (*ALLOBJ and *SECADM) as changing the QPWDVLDPGM system value. What am I missing? Andy > I bet this: > > The password validation exit program > http://publib.boulder.ibm.com/iseries/v5r2/ic2924/info/apis/xsyvlphr.htm > > Rob Berendt _______________________________________________ This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/mailman/listinfo/midrange-l or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.