Can you tell me a little about bulletproof passwords?
There are many considerations when dealing with password security. And no plan is ever bulletproof.
General iSeries password recommendations.
-- Make the password hard to guess, but easy to remember. If you place too many weird restrictions on password creation, the users will get frustrated, and will end up writing their passwords down.
-- Require a digit in the password.
-- Password length from 6-8 characters.
-- Expire passwords periodically, 30 days or 60 days.
--Set your system values to disable a user profile after three bad login attempts.
-- When enabling a profile(after being disabled) or when creating a new profile, set the password to expired, so that when the user signs on for the first time, they are prompted to change their password to a value only they know.
Restrictions that must be in place.
-- Never tell anyone your password, not your boss, and not the system security officer.
-- Never share a user profile with another user, even when you go away on vacation.
-- Passwords are never written down, or recorded anywhere.
-- Be on alert for network sniffers that can catch un-encrypted passwords. That includes securing the iSeries Communications trace in SST (System service tools).
-- Make sure that there is no program attached to the system value PWDVLDPGM (Password Validation program). A program registered here can catch all changed passwords and record them.
MORE INFORMATION ON THIS TOPIC
The Best Web Links: Tips, tutorials and more.
Search400.com's targeted search engine: Get relevant information on security.
Ask your systems management questions--or help out your peers by answering them--in our live discussion forums.
Read this Search400.com Featured Topic: Secure your iSeries
Dig Deeper on iSeries system and application security
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.