Password and Phrase Less Top Secret Acid Uses



Article ID: 115253


Updated On:

Products

Top Secret Top Secret - LDAP

Issue/Introduction

Regarding the TSS REM(acid) PSWDDATA and TSS REM(acid) PHRASDATA commands, which remove the password and the passphrase from an ACID:

Q1: Are such password and phrase less ACIDs "valid" ACIDs or does Top Secret identify them somewhere as "incomplete"?

Q2: Are such ACIDs feasible for ACIDs assigned to started tasks?

Q3: Are such ACIDs feasible for batch-only ACIDs, for which this userid is specified in the // JOB card?

Q4: There are ACIDs defined with which nobody should be able to log in; they have a randomized password and the NOSUSPEND privilege so that the ACID cannot be invalidated by a wrong-password attack. Would it be the better approach to remove the password and phrase from all such ACIDs, which would also eliminate the need for the NOSUSPEND privilege?

Q5: Can such password-less and phrase-less ACIDs be considered "protected userids" in the sense of the NOPASSWORD, NOPHRASE users described in IBM's RACF documentation?

Environment

Release:
Component: TSSMVS

Resolution

Q1: Are such password and phrase less ACIDs "valid" ACIDs or does Top Secret identify them somewhere as "incomplete"?

A1: Yes. Such ACIDs are valid, and Top Secret detects the missing password: when such an ACID attempts to sign on (for example, to TSO), Top Secret denies the request and issues a violation message of the form: TSS7100E 224 J= A=acid T=ttttttt F=TSO - Userid has no Password


Q2: Are such ACIDs feasible for ACIDs assigned to started tasks?

A2: Yes. Such ACIDs can be assigned to a started task (STC), provided the Top Secret control option OPTIONS(4) is set.


Q3: Are such ACIDs feasible for batch-only ACIDs, for which this userid is specified in the // JOB card?

A3: Yes. Such an ACID can be specified on the job card (// ... USER=Protected_acid) when the job is submitted by an ACID that either has NOSUBCHK or holds a PER(Submitting_acid) ACID(Submittee_acid) permission.
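The two cases in A2 and A3 as one worked command sequence. This is an added example, not part of the original article. The ACID names STCACID, BATCHID and SUBMITR, the procedure name MYSTC and the job name BATCH01 are hypothetical; the TSS ADD(STC) PROCNAME(...) ACID(...) syntax for the started-task record is not given in the article and is written here from the Top Secret command reference as I recall it, so verify it against the release in use.

```text
* --- Top Secret commands (entered at TSO or through the TSS batch interface) ---

* Remove the password and the passphrase from the two protected ACIDs
* (hypothetical ACID names)
TSS REMOVE(STCACID) PSWDDATA
TSS REMOVE(STCACID) PHRASDATA
TSS REMOVE(BATCHID) PSWDDATA
TSS REMOVE(BATCHID) PHRASDATA

* A2: associate the password-less ACID with a started-task procedure.
*     OPTIONS(4) must be present in the Top Secret parameter file, or the
*     STC will not be allowed to run under an ACID that has no password.
TSS ADD(STC) PROCNAME(MYSTC) ACID(STCACID)

* A3: allow SUBMITR to submit jobs that run under BATCHID. This is the
*     narrow form; TSS ADD(SUBMITR) NOSUBCHK would instead exempt SUBMITR
*     from the submit check for every USER= value, which is broader than needed.
TSS PERMIT(SUBMITR) ACID(BATCHID)

* --- JCL submitted by SUBMITR; the job itself executes under BATCHID ---
//BATCH01  JOB (ACCT),'PROTECTED BATCH',CLASS=A,MSGCLASS=X,
//             USER=BATCHID
//STEP1    EXEC PGM=IEFBR14
```

Because BATCHID has no password, no PASSWORD= keyword appears on the job card; the submit is authorized by SUBMITR's PER(...) ACID(...) permission rather than by a credential, and an interactive logon attempt with BATCHID would be refused with the TSS7100E message shown in A1.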


Q4: There are ACIDs defined with which nobody should be able to log in; they have a randomized password and the NOSUSPEND privilege so that the ACID cannot be invalidated by a wrong-password attack. Would it be the better approach to remove the password and phrase from all such ACIDs, which would also eliminate the need for the NOSUSPEND privilege?

A4: This is up to the site. A STC ACID with a password that is changed according to the company's security policy may look more secure than one without a password. On the other hand, a STC ACID without a password cannot be used to sign on at all (see A1), whereas a STC ACID with a password can be used to reach data it should not have access to if that password is disclosed. Note that the NOSUSPEND attribute covers not only password violations but also resource violations, so it may still be necessary to keep it.


Q5: Can such password-less and phrase-less ACIDs be considered "protected userids" in the sense of the NOPASSWORD, NOPHRASE users described in IBM's RACF documentation?

A5: Yes.