|
Scott, > > Wouldn't that data be flowing regardless of whether or > not you are using > > QPWDVLDPGM? So how does it contribute to the risk? > Unless you have an > > unscrupulous programmer who wrote QPWDVLDPGM. But then > again, if the > > values for WRKSYSVAL QPWD* are sufficient for you, then > what else is IBM > > to do? > > I was merely clarifying what John Earl had said, since you > didn't seem to > understand what he meant by "over the wire." I'm not in > any way stating > that using QPWDVLDPGM makes things more or less secure. True, As a practical matter, if you ever present the standard (or 128 byte enhanced) QDSIGNON screen to your users (who Doesn't?), then you are already transmitting userid's and passwords in clear text. In this case QPWDVLDPGM doesn't really add any additional exposure. jte -- John Earl | Chief Technology Officer The PowerTech Group 19426 68th Ave. S Seattle, WA 98032 (253) 872-7788 ext. 302 john.earl@xxxxxxxxxxxxxxxxxx www.powertech.com This email message and any attachments are intended only for the use of the intended recipients and may contain information that is privileged and confidential. If you are not the intended recipient, any dissemination, distribution, or copying is strictly prohibited. If you received this email message in error, please immediately notify the sender by replying to this email message, or by telephone, and delete the message from your email system. --
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
