In an article you wrote, you said that if you change one of the QPWD* system values, it won't allow a password=*USRPRF. I changed QPWDRQDDIF to be eight and then I was able to create a user FRED with password *USRPRF. Why?
The QPWD* system values are not enforced when you use the CRT or CHGUSRPRF commands. This allows an administrator or helpdesk personnel to create a trivial password when a user calls up and says they have forgotten their password. The password is set to an easy value and is also set to be *EXPIRED so that the user has to change it right away. When the user changes the password, the QPWD* system values are enforced. So in this case, if you had changed one of the QPWD system values, the user would not be able to change their password to be the same as their user profile name.
MORE INFORMATION ON THIS TOPIC
The Best Web Links: tips, tutorials and more.
Search400's targeted search engine: Get relevant information on security.
Ask your systems management questions--or help out your peers by answering them--in our live discussion forums.
Check out this Search400.com Featured Topic: Top ten security tips
Dig Deeper on iSeries system and application security
Related Q&A from Carol Woodbury
Before changing password levels and upgrading operating systems on the AS/400, ensure the clients connecting to the NetServer do not need the old ... Continue Reading
Look in the audit journal (QAUDJRN) on the AS/400 for an authority failure message with the name of the library as the object name. Use the ... Continue Reading
When error messages arise concerning attempts to use a permanent system object without authority, find the source of the issue by looking for an AF ... Continue Reading