Here's a small security tip that is similar to a nice September 2001 tip from Eric Bouchard. This one is code free.
Since profiles that are newly created or recently reset usually tend to have a default password (i.e. the same as the username), they become a security risk, particularly if they are left *ENABLED. You can see the extent of the risk by typing "GO SECTOOLS" to display the OS/400 security tools menu. Then, select option 1 "Analyze default passwords" and specify an action to be taken for any profile found that has a default password (options are *NONE, *DISABLE or *PWDEXP). To simply list the users, specify *NONE and hit (enter). Type WRKSPLF and listed should be a nice small spool file report called QPSECPWD that lists these profiles. That's it!
MORE INFORMATION ON THIS TOPIC
The Best Web Links: tips, tutorials and more.
Ask your systems management questions--or help out your peers by answering them--in our live discussion forums.
Ask the Experts yourself: Our systems management gurus are waiting to answer your technical questions.