Hi, If what you need is to prevent users from using easy to guess passwords, RACF already has the tools that you need, from implementing mixed case, passphrases, and special characters, or/and using the password or passphrase exit, which is very easy to implement, to validate password complexity and preventing the use of any words you want. Regards Jack
On Wed, Feb 28, 2024, 21:36 Linda Hagedorn < 000005cf4637de00-dmarc-requ...@listserv.ua.edu> wrote: > My company wants an external password manager to substitute for RACF. > I need to know if anyone has experience with this, or common password > matching in RACF. > > Background > Regulations NYDFS require preventing common passwords to be used. > Vendor tools (Courion, CyberArk, etc.) have a corpus to match password > changes to prevent the use of common passwords. > RACF passwords can be changed from TSO, the internal reader, JCL, Candle > Session manager, etc., so trying to block password changing through RACF > and forcing everyone through one of these 3rd party tools may be near > impossible. > > Any input is appreciated. Thanks! Linda > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
