I saw a thread about this a few weeks ago and wondered... We only get prompted once also (z10 EC). But perhaps that is a difference in profiles between operator and sysprog.
Ed, are you using an operator type logon, or sysprog? Mark -- Mark Zelden Sr. Software and Systems Architect - z/OS Team Lead Zurich North America / Farmers Insurance Group - ZFUS G-ITO mailto:mark.zel...@zurichna.com z/OS Systems Programming expert at http://expertanswercenter.techtarget.com/ Mark's MVS Utilities: http://home.flash.net/~mzelden/mvsutil.html On Sun, 21 Dec 2008 11:51:01 -0500, Jousma, David <david.jou...@53.com> wrote: >Interesting. I only get prompted once for a password, Ed. We are at >the latest EC on our HMC's, but we are EC, not BC. Maybe something is >different. One thing we did do, however on the security front, was to >make our HMC's authenticate passwords with our Domain Server via LDAP. >Now the auditors are happy.... > >_________________________________________________________________ >Dave Jousma >Assistant Vice President, Mainframe Services >david.jou...@53.com >1830 East Paris, Grand Rapids, MI 49546 MD RSCB1G >p 616.653.8429 >f 616.653.8497 > >-----Original Message----- >From: IBM Mainframe Discussion List [mailto:ibm-m...@bama.ua.edu] On >Behalf Of Edward Jaffe >Sent: Sunday, December 21, 2008 4:11 AM >To: IBM-MAIN@bama.ua.edu >Subject: Security Breach on System z HMC? > >I'm getting used to the "tree view" on our new HMC. However, I've >discovered one huge PITA I think I'll *never* get used to. :-( > >IIRC, there has always been a confirmation prompt for so-called >"disruptive" tasks. But now, the clever HMC designers in Endicott have >thrown in a second confirmation box--one that prompts for your password >_every time_ you confirm a disruptive task! (BTW, this includes basic >things like IPLing an image that's already down.) > >Forcing an operator to type in his/her password over and over is as >annoying as it is wrong-headed. Passwords are intended to stay secure >and every password prompt is a potential, but usually necessary, >exposure. You should never be prompted to type your password more often >than necessary. > >When I logon, my colleagues usually (respectfully) turn their heads as I > >key in my password. But, having to key it in over and over again during >a session means that, after a while, all of the people interested enough > >to be huddled around the HMC while I perform "neat" (aka disruptive) >tasks are bound to learn my password! > >I've never seen an interface that prompted for my password so often. >It's driving me nuts! >:o > >-- >Edward E Jaffe >Phoenix Software International, Inc >5200 W Century Blvd, Suite 800 >Los Angeles, CA 90045 >310-338-0400 x318 >edja...@phoenixsoftware.com >http://www.phoenixsoftware.com/ > >This e-mail transmission contains information that is confidential and may be privileged. It is intended only for the addressee(s) named above. If you receive this e-mail in error, please do not read, copy or disseminate it in any manner. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated. > >---------------------------------------------------------------------- >For IBM-MAIN subscribe / signoff / archive access instructions, >send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO >Search the archives at http://bama.ua.edu/archives/ibm-main.html ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
