Allowed Password Phrase Special Characters not limited by PPSCHAR
Article ID: 111945
Top SecretTop Secret - LDAP
I thought was that the special characters of a new password phrase would be limited to those given in the PPSCHAR list. However TSS allows many more than that and returns RC=0 for a TSS Replace command. For example: PPSCHAR(*,&,:,-,#,_) TSS REPLACE(xxxxxxx) PHRASE('N?*Te&t%1#t^rin:AL$n=e!45-Pa.s',30) TSS0300I REPLACE FUNCTION SUCCESSFUL Is this working as designed? Please clarify.
Release: Component: TSSMVS
If the replace command is being issued by an ADMIN acid then they can replace the password/phrase with anything. The password/phrase rules are not in effect. Usually the REPLACE command has EXP on it such as: TSS REPLACE(xxxxxxx) PHRASE('N?*Te&t%1#t^rin:AL$n=e!45-Pa.s',30,EXP) This will cause the user to be prompted to change their password. The user (Acid TYPE=USER) will then have to abide by the new password/phrase rules.