Confirm information regarding RSA Authentication with NetMaster.

1. Which format does the user need to follow for entering the RSA passcode on the NetMaster or SOLVE signon screen?
2. In order for NetMaster to use MFA, do the following parms have to be set in the NMDRVCTL DD RUNSYSIN member?

         - SEC=any value except NO, for example, NMSAF

         - XOPT=PWMIX

SOLVE:Access Session Management - Release 5.0

Netmaster - all GA releases

Answer 1.

The format question is a question for your Security Team. The main thing from NetMaster side was to support passphrases which also caters for MFA tokens that can be >8 characters.

From the IBM User’s guide for MFA. Chapter 3 refers to TSO/E. Whatever works for TSO/E will work in SOLVE/NetMaster. It looks like the software generated token is the only value entered.

Answer 2.

Netmaster and SOLVE:Access have the same passphrase and MFA support if the product is using SEC=NMSAF or SEC=NMSAFF and SOLVE:Access is not using Easinet. 
XOPT=PWMIX is required if mixed case will be implemented for either passwords or passphrases. MFA values are typically entered 'as is'.

Please note: For SOLVE:Access we strongly recommend applying maintenance up to current levels as many PTFs have been written over time to fix varying problems found with both passphrase and MFA processing beyond those that originally added Multi-Factor Authentication functionality.

CA NETMASTER SHARED CONTENT LIBRARY 13.0 documentation, Section Multi-Factor Authentication (MFA) Password Support