Considerations for certain passwords being passed as clear text

Although iSeries™ supports the encryption of connection passwords, one of the connection security options you can specify in setting up an RDB directory entry is *USRIDPWD.

See the Add RDB Directory Entry command and the Change Relational Database Directory Entry command in Working with the relational database directory for more information.

If the server to which the connection is made allows the *USRIDPWD security option, the connection password can flow unencrypted. In V5R3, the SQL SET ENCRYPTION PASSWORD statement and the ENCRYPT function can also cause passwords to flow over the network unencrypted. Currently, there are two possible solutions for encrypting datastreams. One is to use IPSec. As the other possibility, if you are using an AR that supports SSL, you can use that protocol to encrypt data transmitted to and from an iSeries AS.