Can you have Passphases and passwords both set in the Top Secret Parmfile?
With password and passphrase you can use either.
If the user types in the correct password, they will get
Passphrase (NEWPHRASE) is a different field than the Password (NEWPW). This means
users may have both a password and a pass phrase.
If both a password and a pass phrase supplied, the pass phrase will
If there is a single signon attempt that specifies both
a password and a passphrase, only the pass phrase will be checked.
Password and passphrase have their own expiration and independent of each
other. If the user exceeds the violation threshold for either password or
passphrases, they will be suspended. The user will need to be
unsuspended first in order for the acid to be used. It doesn’t matter it they
were suspended when using a passphrase or password.
To require a user to enter only a PASSWORD or PASSPHRASE in
order to sign on, would be done on the application side not the Top Secret side
In your Control Options setting you could have for example:
TSS9661I CA Top Secret PHRASE Status
TSS9661I CA Top Secret PASSWORD Status
HPBPW(002) MSUSPEND(NO) NPWRTHRESH(2)
PWEXP(030) PWHIST(01) PTHRESH(005)