× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. June 2009

Re: AS400 Automatic Sending of New Password?

Duane,

It is a one way encryption algorithm and so theoretically not decryptable. However, if you are running at QPWDLVL '0' or '2', there is "netserver" password attached to the /400 password that is decryptable, and once you've decrypted that there is no reason to assault the native /400 password.

I don't believe that you need the last 32 passwords to encrypt/decrypt. There is an encryption API that will allow you to encrypt a password using just the UserID as input. If you can encrypt a password on SYSA and store it and use it on SYSB (and you can) then the last 32 passwords would not be a requirement.

jte
Sent via BlackBerry from T-Mobile

-----Original Message-----
From: "Christen, Duane" <Duane.Christen@xxxxxxxxxx>

Date: Wed, 17 Jun 2009 13:14:39
To: Midrange Systems Technical Discussion<midrange-l@xxxxxxxxxxxx>
Subject: RE: AS400 Automatic Sending of New Password?


John;

FWIW You can't decrypt an i password and get a clear text password.
You would have to know the previous passwords as the previously encrypted passwords (up to 32?) are used to encrypt the new password.

It is a one way encryption algorithm.

Duane Christen


--


Duane Christen
Senior Software Engineer
(319) 790-7162
Duane.Christen@xxxxxxxxxx

Visit PAETEC.COM


-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of John Earl
Sent: Wednesday, June 17, 2009 12:34 PM
To: Midrange-List
Subject: Re: AS400 Automatic Sending of New Password?

Frank,

You could decrypt the password and send it to the user, but that is probably more trouble than it is worth. Instead change the password and the profile and send out a single use password that the user can use for access.

There are commercial applications that do this process for you securely and take a lot of the risk and guesswork out of the process. There aren't any available solely for the i, but if you are using EIM and SSO, you could solve this whole problem at the network authentication level.

jte




Sent via BlackBerry from T-Mobile

-----Original Message-----
From: fbocch2595@xxxxxxx

Date: Wed, 17 Jun 2009 12:41:50
To: <midrange-l@xxxxxxxxxxxx>
Subject: AS400 Automatic Sending of New Password?



Hi Folks, you know when you're trying to sign in or log in?to a web site but you forget your password and after a few tries you have to click on the "forgot your password" button and you're emailed a new password?? Can that be done with the AS400/iSeries??

Any thoughts on how?it could be done with minimal programming? ?

Has anyone out there tried that??

Right now when a user calls the help desk the help desk issues a new?password?but we want to eliminate that call (and probably the help desk too).?

As always, any help appreciated.?

Thanks, Frank?

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.