Is there a way to force passwords in the AS/400 to have uppercase and lowercase letters?
The short answer is "No" but with a bit of programming the answer can be "Yes." Let me explain: Valid characters for passwords -- as well as maximum password length -- is controlled by the system value QPWDLVL. As i5/OS ships, the QPWDLVL is set to '0' which means that that the users' passwords can only consist of upper case A-Z, 0-9 and the special characters $, @, #, and _ (underscore.) Once you set the QPWDLVL system value to '2' or '3', passwords can be up to 128 characters long and consist of upper and lower case letters, spaces and all special characters. While there are some controls (system values beginning with QPWD*) that impose requirements on passwords (such as the minimum length, requiring a digit, etc.) no control exists for requiring passwords to contain both upper and lower case letters. However, you could write a password validation program that parses the password when a user attempts to change it and enforce the upper/lower case requirement that way.
For more information on moving to a higher password level, see the IBM manual, Tips and Tools for Securing your iSeries, available from the IBM information center.
Dig Deeper on iSeries system and application security
Related Q&A from Carol Woodbury
Before changing password levels and upgrading operating systems on the AS/400, ensure the clients connecting to the NetServer do not need the old ... Continue Reading
Look in the audit journal (QAUDJRN) on the AS/400 for an authority failure message with the name of the library as the object name. Use the ... Continue Reading
When error messages arise concerning attempts to use a permanent system object without authority, find the source of the issue by looking for an AF ... Continue Reading