Looking in the manuals for a description of what this actually does.
I assume that this is for commands like LINK and XAUTOLOG.
Then I also assume that EG if a user has a LINK rule with NOPASS and also is listed on a GRANT NOPASS that this is then a 'double' NOPASS that is overkill and not necessary?
Release : 3.2
Component : VM:Secure for z/VM
The AUTHORIZ CONFIG file can contain the following three types of records that are used to identify and set up user authorization for VM:Secure commands:
GRANT NOPASS in the AUTHORIZ CONFIG pertains to VMSECURE commands the user is authorized to use. Many VM:Secure commands require users to enter their logon passwords when they issue the command.
To authorize user IDs to use a command without having to enter their logon passwords, give the user IDs NOPASS authorization. In this context, NOPASS is the authorization you are giving to use an entire command, a command and some of its parameters, or a list of commands.
Click on this link for helpful information documented in the VM:Secure Admin guide for "Waiving Password Requirements":
Additionally, you can configure Rules so you don't have to provide a password when LINKing. You need an ACCEPT NOPASS.