Top Secret TSS7005I messages for incorrect PASSTICKET violation but PTHRESH count never resets


Article ID: 211154


Updated On:


CA Top Secret


Running z/os 2.4 and Top Secret 16 and recently have noticed that some users are receiving TSS7005I messages when submitting jobs indicating a number of violations since last successful logon have occurred.  

The issue is the PTHRESH number does not seem to  reset to 0 and in some cases just continues to increment.  


Release : 16.0

Component : CA Top Secret for z/OS


Solution 10066 removed the pthresh counter to be reset for non-password signon and passtickets for Top Secret and ACF2

example of non-password signon's are System attempt MFA, RSA, PIV Card...passtickets 

So currently working as designed, Sustaining Engineer may review this design but no change at this time. 

The problem happens when a successful non-password signon or passticket
signon occurs between invalid password occurrences. This activity resets the
password violation count, preventing the user from reaching the PTHRESH
threshold and being suspended.