133 lines
7.1 KiB
HTML
133 lines
7.1 KiB
HTML
|
<?xml version="1.0" encoding="UTF-8"?>
|
|||
|
<!DOCTYPE html
|
|||
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|||
|
<html lang="en-us" xml:lang="en-us">
|
|||
|
<head>
|
|||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|||
|
<meta name="security" content="public" />
|
|||
|
<meta name="Robots" content="index,follow" />
|
|||
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|||
|
<meta name="DC.Type" content="concept" />
|
|||
|
<meta name="DC.Title" content="Limit repeating characters in passwords" />
|
|||
|
<meta name="abstract" content="This system value limits the use of repeating characters in a password." />
|
|||
|
<meta name="description" content="This system value limits the use of repeating characters in a password." />
|
|||
|
<meta name="DC.Relation" scheme="URI" content="rzamvpwdsysval.htm" />
|
|||
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
|
|||
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
|
|||
|
<meta name="DC.Format" content="XHTML" />
|
|||
|
<meta name="DC.Identifier" content="qpwdlmtrep" />
|
|||
|
<meta name="DC.Language" content="en-us" />
|
|||
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|||
|
<!-- US Government Users Restricted Rights -->
|
|||
|
<!-- Use, duplication or disclosure restricted by -->
|
|||
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|||
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|||
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|||
|
<title>Limit repeating characters in passwords</title>
|
|||
|
</head>
|
|||
|
<body id="qpwdlmtrep"><a name="qpwdlmtrep"><!-- --></a>
|
|||
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|||
|
<h1 class="topictitle1">Limit repeating characters in passwords</h1>
|
|||
|
<div><p>This system value limits the use of repeating characters in a password.</p>
|
|||
|
<p>This value provides additional security by preventing users from specifying
|
|||
|
passwords that are easy to guess, such as the same character repeated several
|
|||
|
times. When the password level is 2 or 3, the test for repeated characters
|
|||
|
is case sensitive. This means that a lowercase ’a’ is not the same as an uppercase
|
|||
|
’A’.</p>
|
|||
|
<p>See <a href="#qpwdlmtrep__quickref">Quick reference</a> table
|
|||
|
for an overview of the <span class="uicontrol">Limit repeating characters in passwords</span> system
|
|||
|
value.</p>
|
|||
|
<div class="p">
|
|||
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="border" border="1" rules="all"><caption>Table 1. Possible values for the limit repeating characters
|
|||
|
in passwords system value</caption><thead align="left"><tr valign="bottom"><th valign="bottom" id="d0e32">iSeries™ Navigator </th>
|
|||
|
<th valign="bottom" id="d0e36">Character-based interface</th>
|
|||
|
<th valign="bottom" id="d0e38">Description</th>
|
|||
|
</tr>
|
|||
|
</thead>
|
|||
|
<tbody><tr><td valign="top" headers="d0e32 ">Characters may be used more than once</td>
|
|||
|
<td valign="top" headers="d0e36 ">0</td>
|
|||
|
<td valign="top" headers="d0e38 ">The same characters can be used more than once in a
|
|||
|
password.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" headers="d0e32 ">Characters may not be used more than once</td>
|
|||
|
<td valign="top" headers="d0e36 ">1</td>
|
|||
|
<td valign="top" headers="d0e38 ">The same character cannot be used more than once in
|
|||
|
a password.</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" headers="d0e32 ">Characters may not be used consecutively</td>
|
|||
|
<td valign="top" headers="d0e36 ">2</td>
|
|||
|
<td valign="top" headers="d0e38 ">The same character cannot be used consecutively in a
|
|||
|
password.</td>
|
|||
|
</tr>
|
|||
|
</tbody>
|
|||
|
</table>
|
|||
|
</div>
|
|||
|
</div>
|
|||
|
<p><strong>Relationship to security policy</strong></p>
|
|||
|
<p>Within your security policy you should describe all password rules that
|
|||
|
are defined by the system values related passwords. For this system value,
|
|||
|
inform users on whether or not password rules allow repeated characters. This
|
|||
|
value provides additional security by preventing users from specifying passwords
|
|||
|
that are easy to guess, such as the same character repeated several times.
|
|||
|
This system value works with other system values that specify the composition
|
|||
|
of individual passwords.</p>
|
|||
|
<div class="p">
|
|||
|
<div class="tablenoborder"><a name="qpwdlmtrep__quickref"><!-- --></a><table cellpadding="4" cellspacing="0" summary="" id="qpwdlmtrep__quickref" frame="border" border="1" rules="all"><caption>Table 2. Quick Reference . Provides details
|
|||
|
for the <span class="uicontrol">Limit repeating characters in passwords</span> system
|
|||
|
value.</caption><thead align="left"><tr valign="bottom"><th valign="bottom" id="d0e83">iSeries Navigator name</th>
|
|||
|
<th valign="bottom" id="d0e87">Restrict repeating characters</th>
|
|||
|
</tr>
|
|||
|
</thead>
|
|||
|
<tbody><tr><td valign="top" headers="d0e83 ">Character-based interface name</td>
|
|||
|
<td valign="top" headers="d0e87 ">QPWDLMTREP</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" headers="d0e83 ">Authority</td>
|
|||
|
<td valign="top" headers="d0e87 "><p>All object access (*ALLOBJ)<br />
|
|||
|
Security administrator (*SECADM)</p>
|
|||
|
<div class="note"><span class="notetitle">Note:</span> The Security Officer (QSECOFR) user profile is shipped with
|
|||
|
these authorities. </div>
|
|||
|
</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" headers="d0e83 ">How to access</td>
|
|||
|
<td valign="top" headers="d0e87 "><div class="p"><strong>iSeries Navigator</strong><ol><li>Expand <span class="menucascade"><span class="uicontrol">Security</span> > <span class="uicontrol">Policies</span></span>.</li>
|
|||
|
<li>Right click <strong>Password Policy</strong> and select <strong>Properties</strong>.</li>
|
|||
|
<li>On the <strong>Validation</strong> page, you will find the option to restrict repeating
|
|||
|
characters.</li>
|
|||
|
</ol>
|
|||
|
</div>
|
|||
|
<div class="p"><strong>Character-based interface</strong><ol><li>In the character-based interface, type <samp class="codeph">WRKSYSVAL QPWDLMTREP</samp>.</li>
|
|||
|
</ol>
|
|||
|
</div>
|
|||
|
</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" headers="d0e83 ">Changes take effect</td>
|
|||
|
<td valign="top" headers="d0e87 ">Immediately</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" headers="d0e83 ">Default value</td>
|
|||
|
<td valign="top" headers="d0e87 ">Characters may be used more than once</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" headers="d0e83 ">Recommended value</td>
|
|||
|
<td valign="top" headers="d0e87 ">Characters cannot be repeated consecutively</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" headers="d0e83 "><a href="rzamvlockdown.htm">Lockable</a></td>
|
|||
|
<td valign="top" headers="d0e87 ">Yes</td>
|
|||
|
</tr>
|
|||
|
<tr><td valign="top" headers="d0e83 ">Special considerations </td>
|
|||
|
<td valign="top" headers="d0e87 ">When the password level system value has a value of
|
|||
|
2 or 3, the test for repeated characters is case sensitive. This means that
|
|||
|
a lowercase ’a’ is not the same as an uppercase ’A’.</td>
|
|||
|
</tr>
|
|||
|
</tbody>
|
|||
|
</table>
|
|||
|
</div>
|
|||
|
</div>
|
|||
|
<p>For more in-depth information about this security value, see Chapter 3,
|
|||
|
"Security System Values" in <a href="../books/sc415302.pdf" target="_blank">Security Reference</a>. </p>
|
|||
|
</div>
|
|||
|
<div>
|
|||
|
<div class="familylinks">
|
|||
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamvpwdsysval.htm" title="In addition to setting signon system values, you also need to decide rules regarding users passwords">Password system values</a></div>
|
|||
|
</div>
|
|||
|
</div>
|
|||
|
</body>
|
|||
|
</html>
|