NEWPHRASE—Implement Password Phrase Rules

Valid on z/OS and z/VM.
ctsfz
Valid on z/OS and z/VM.
Use the NEWPHRASE control option to specify the controls for password phrases.
The alpha count minimum (MA), digit count minimum (MN), and special character count minimum (SC) must not exceed the total phrase character maximum (MAX). This constraint is evaluated sequentially from left to right each time you change any of these variables.
You can enter all values in any order.
This control option has the following format:
TSS MODIFY NEWPHRASE([MA=nn],[MN=nn],[ID],[MAX=nnn],[MIN=nn], [MINDAYS=nn],[NR=n],[NU],[SC=nn],[LC],[UC],[WARN=nn])
  • MA=nn
    Specifies the minimum number of alpha characters.
    Range:
    0 to 32
    Default:
    0
  • MN=
    Specifies the minimum number of numeric characters.
    Range:
    0 to 32
    Default:
    0
  • ID
    Prevents users from specifying a new password phrase that contains their ACID name.
  • MAX=nnn
    Specifies the maximum length of a password phrase.
    Range:
    9 to 100
    Default:
    100
  • MIN=nn
    Specifies the minimum length of a password phrase.
    Range:
    9 to 32
    Default:
    9
  • MINDAYS=
    Specifies the number of days after a password phrase is changed before the user can change the password phrase again.
    Range:
    0 to 99
    Default:
    0
  • NR=
    n
    Specifies how many pairs of repeating characters to allow in a new password phrase. For example, NR=1 allows password phrase OCTAVIAN FOOTWEAR FUNDAMENTAL LUCENT TECHNOLOGY (one pair of repeating characters) but prevents OCTAVIAN FOOTWEAR SEEDED LUCENT TECHNOLOGY (two pairs of repeating characters) and prevents OCTAVIAN FOOOTWEAR FUNDAMENTAL LUCENT TECHNOLOGY (because OOO is considered two pairs).
    Note:
     NR does 
    not
     control the total number of times a character exists in the password phrase. For example, OCTAVIAN FOOTWEAR FUNDAMENTAL LUCENT TECHNOLOGY (containing five instances of O) would 
    not
     be rejected by NR=4.
    Range:
    0 to 5
    Default: 
    Specifying NR without a value (=
    n
    ) defaults to NR=0, which prohibits any repeating characters. Omitting an NR specification disables checking for repeating characters.
  • NU
    Specifies that an ACID TYPE(USER) cannot change their own password phrase.
  • SC=nn
    Specifies the minimum number of characters that the new password phrase must have from the PPSCHAR list. If no PPSCHAR set is available, no action is taken.
    Range:
    0 to 32
    Default:
    0
  • LC
    Specifies that the new phrase must contain at least one lowercase letter.
  • UC
    Specifies that the new phrase must contain at least one uppercase letter.
  • WARN=nn
    Specifies the warning days given that a password or ACID is about to expire.
    Range:
    0 to 99
    Default:
    3