ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

How to configure and use Password Phrases

book

Article ID: 226484

calendar_today

Updated On:

Products

VM:Secure for z/VM

Issue/Introduction

Where is it documented how to configure and use Password Phrases ?

 

Environment

Release : 3.2

Component : CA VM:Secure for z/VM

Resolution

Password Phrases and how to implement is documented in the VM:Secure Administrator's guide at:

https://techdocs.broadcom.com/us/en/ca-mainframe-software/traditional-management/ca-vm-secure-for-z-vm-with-security/3-2/administrators/password-phrases.html   

This section describes how to configure and use support for password phrases. Support for traditional eight-character passwords is compatible with previous releases of VM. Password phrase support must be explicitly configured to be enabled, so that it can be introduced in a controlled manner.   

See the VM:Secure documentation for more particulars.

 

 

Additional Information

Password Phrase usage is configurable in the product through the service machine vs. something you have to gen into CP in our replacement text decks.
 
Using password phrases is controlled by the ESM so we just need to allow users to specify password phrases which
is essentially what configuring PWPHRASE does.   The rest of the support for usage is already in CP and the VM:Secure replacement logic that is already installed.  Passwords are differentiated by length so it is possible to exist with both traditional passwords (8 characters and under) and
password phrases in use.  
 
Make sure you check into all the other possible changes you may need to make (including user exit changes) as you  implement password
phrase usage.  Again, this is documented in the Administrator's guide under Password Phrases.
 
 
The other thing to be clear about is a PasswordPhrase is defined as a PW that is GREATER THAN 8 CHARACTERS. If the PW is a valid PW phrase, it will be case sensitive (mixed case). If your UserExits (or lack thereof) allow use of 8 character or less PW to be used, those PWs will be treated as traditional 8-byte PW and they WILL BE UPPERCASED. 

If you want ALL PWs, including 8-byte or less PWs to be NOT UPPERCASED by VM:Secure, you MUST also implement MIXEDPW8 … and that requires a change to VMXRPI CONFIG and regeneration of CP TEXT files.