Is it possible to force a user to use only their Kerberos connection setup in the TSS SDT -vs- trying to connect with a password?
Release : 16.0
Component : CA Top Secret for z/OS
There is an attribute called PROTECTED. If a user is given this attribute, the user will loose their password and phrase. Documented at the following link.
Users with the PROTECTED attribute will no longer have the ability to signon with a phrase and password.
They still will be able to signon using other methods that dont require a password or phrase like Kerberos and digital certificates.