Question:  

Does the GSO PSWD PSWDVFY|NOPSWDVFY option affect TSO logon or signon to any online system?

Answer:

The PSWDVFY/NOPSWDVFY option of the GSO PSWD record specifies whether a user or security administrator is required to verify the new password. This option applies when a user or security administrator is changing the current password under a TSO ACF session (or using the CP function of the ACF2 CICS ACFM transaction) and is not specifying the new password (clear text) with the CHANGE command.

If this is not set in the GSO PSWD record, the default value is NOPSWDFVY.

Note: this option is not applicable for the ACF transaction under ACF2 IMS. ACF2 IMS only allows the password change when the password is explicitly provided with the change request.

The PSWDVFY/NOPSWDVFY option has no impact on any logon or signon process where the user is changing their password during the logon/signon process.

To best understand how this option works, here are administrative password change scenarios:

• The CHANGE command specifies a clear text password. In this scenario the PSWDVFY/NOPSWDVFY option is not applicable.
  
  CHANGE USER001 PASSWORD(ABC123)
  
  Because the password was specified in clear text, there is no prompting for a password. When the change completes, the changed logonid is listed and you can see that the PSWD-TOD field will show the current date and time of this password change.
  
  
• The CHANGE command does not include the password (not in clear text). In this scenario you will be prompted to enter the password.
  
  CHANGE USER001 PASSWORD
  ACF61500 ENTER PASSWORD
  
  Now is when the PSWDVFY/NOPSWDVFY option comes into play. If PSWDVFY is set, then you will get an additional prompt to verify the password that was entered:
  
  ACF6C110 REENTER NEW PASSWORD FOR VERIFICATION -
  
  If NOPSWDVFY is set you will not get this additional verification prompt.
  
  When the change completes, the changed logonid is listed and you can see that the PSWD-TOD field will show the current date and time of this password change.

Additional Information: 

Additional information for all the GSO PSWD record options can be found in the chapter on "Maintaining GSO Records" of the CA ACF2 for z/OS Administrator Guide.

-