QPWDLMTCHR allows you to force omission of certain characters from
passwords (typically vowels) but I cannot see a similar function in
the new rules.

And for a very good reason as it is a silly facility to have. Every time you
remove symbols from key, the key-space gets smaller, thus weakening
the encryption. I guess IBM finally wizened up.


On Mon, Apr 21, 2008 at 9:13 PM, Simon Coulter <shc@xxxxxxxxxxxxxxxxx> wrote:

I was looking through the changes for security in VRM610 specifically
the new system values for password rules. Essentially the old QPWD*
system values directly related to password rules are replaced
(supported but obviously deprecated) by a new single system value
QPWDRULES that takes multiple values. All-in-all a good idea but I
noticed the following anomaly:

There appears to be no direct replacement for the QPWDLMTCHR system
value.

QPWDLMTCHR allows you to force omission of certain characters from
passwords (typically vowels) but I cannot see a similar function in
the new rules.

Is this simply a documentation oversight?
Is QPWDLMTCHR still effective even when using the new method?
Have I simply missed something?

Regards,
Simon Coulter.
--------------------------------------------------------------------
FlyByNight Software OS/400, i5/OS Technical Specialists

http://www.flybynight.com.au/
Phone: +61 2 6657 8251 Mobile: +61 0411 091 400 /"\
Fax: +61 2 6657 8251 \ /
X
ASCII Ribbon campaign against HTML E-Mail / \
--------------------------------------------------------------------



_______________________________________________
This is the Security Administration on the AS400 / iSeries (Security400) mailing list
To post a message email: Security400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/security400
or email: Security400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/security400.






This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2020 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].