Restricted characters for passwords

This system value limits the use of certain characters in a password.

The valid characters are A through Z, 0 through 9, and special characters number (#), dollar ($), at (@), and underscore (_). This value provides additional security by preventing users from using specific characters, such as vowels, in a password. Restricting vowels prevents users from forming actual words for their passwords.

See Quick reference table for an overview of the restrict character for passwords system value.

Table 1. Possible values for the restrict character for passwords system value
iSeries™ Navigator Character-based interface Description
None *NONE There are no restricted characters for passwords.
Restricted characters restricted-characters Specify up to 10 restricted characters. The valid characters are A through Z, 0 through 9, and special characters pound (#), dollar ($), at (@), and underscore (_).

Relationship to security policy

Within your security policy you should describe the password rules that are defined by the system values related passwords. For this system value, inform users which characters are restricted. This system value works with other system values that specify the composition of individual passwords.

Table 2. Quick Reference. Provides details for the restricted character for passwords system value.
iSeries Navigator name Restricted characters
Character-based interface name QPWDLMTCHR
Authority

All object access (*ALLOBJ)
Security administrator (*SECADM)

Note: The Security Officer (QSECOFR) user profile is shipped with these authorities.
How to access
iSeries Navigator
  1. Expand Security > Policies.
  2. Right click Password Policy and select Properties.
  3. On the Validation page, you will find the option for restricted character.
Character-based interface
  1. In the character-based interface, type WRKSYSVAL QPWDLMTCHR.
Changes take effect Immediately
Default value None
Recommended value A, E, I, O, and U. You may also want to restrict special characters (#, $, and @) for compatibility with other systems.
Lockable Yes
Special considerations This system value can only be used for password levels 0 or 1. If you change this value and your password level is either 2 or 3, then the system will ignore the restricted character setting.

For more in-depth information about this security value, see Chapter 3, "Security System Values" in Security Reference.

Parent topic: Password system values