Implementing PASSPHRASEs In Top Secret

book

Article ID: 221234

calendar_today

Updated On:

Products

CA Top Secret

Issue/Introduction

What is the procedure to implement PASSPHRASE on users for a 14 character password? The client has determined the applications this will affect.  

Environment

Release : 16.0

Component : CA Top Secret for z/OS

Resolution

IMPORTANT: the password phrase can only be used if the application (CICS, TSO, ROSCOE, etc) supports password phrases. If you are not sure if the application supports password phrases, you will need to check with the support group for that product.                                   

From a TSS standpoint, the first thing to do is TSS MODIFY and make sure that NEW_PASSWORD(Active) is shown in the output. If not, please let me know and I will provide the instructions to activate this.

The next thing to do is set up the passphrase related control options based on your security policy requirements. For example:

NEWPHRASE(MIN=9,MAX=14,WARN=03,MINDAYS=03,NR=3,SC=00,MA=00,MN=03)
NPPTHRESH(5)    
PPEXP(060) 
PPHIST(12)  
PSWDPHRASE(ON) 

NOTE: If PSWDPHRASE(OFF) is set, users must have the PSWDPHR attribute set to specify a password phrase.

The above are just examples. See the following links for more info on these options:

NEWPHRASE

NPPTHRESH

PPEXP

PPHIST

PSWDPHRASE