The GSO PSWD options MAXTRY and PASSLMT are both related to password usage but have different functions. The MAXTRY option is related to the number of invalid passwords attempts that are allowed before your TSO session will be cancelled.

The PASSLMT option is related to the number of invalid password attempts permitted before the LOGONID is "suspended for invalid password attempts".

(Note: the SUSPEND attribute is NOT set in the LOGONID record).

Release:
Component: ACF2MS

Once a user is logically suspended due to invalid password/phrase attempts, the automatic reset the next day the user logs on does not take place. It will only take place if the PSWD-VIO/PWP-VIO count does not exceed the the PASSLMT counter in a single day. A single day is a single calendar day. Counters reset at midnight.

As an example you set MAXTRY(2) and PASSLMT(3) in the GSO PSWD record.

Since the MAXTRY option relates to invalid password attempts during TSO logon, if a user enters two invalid passwords, they will have that TSO session cancelled and will need to start the session again if they wish to logon. Taking this example a little further, if the user attempts to logon again and gets another invalid password they will then be prompted one more time for their password. If they get the fourth password attempt incorrect, their LOGONID is set as "suspended due to invalid password attempts" and the TSO session will be cancelled, and the user will not be allowed to logon until the PASSWORD violation count is reset by an administrator.

This can be done with the following operator command:

F ACF2,RESET(logonid)