This topic discusses how to change signon error messages to discourage hackers who are trying to break into a system.
Hackers like to know when they are making progress toward breaking into a system. When an error message on the Sign On display says Password not correct, the hacker can assume that the user ID is correct. You can frustrate the hacker by using the Change Message Description (CHGMSGD) command to change the text for two signon error messages. The table shows the recommended text.
| Message ID | Shipped Text | Recommended Text |
|---|---|---|
| CPF1107 | CPF1107 – Password not correct for user profile. | Signon information is not correct. (Do not include the message ID in the message text.) |
| CPF1120 | CPF1120 – User xxxxx does not exist. | Signon information is not correct. (Do not include the message ID in the message text.) |