NEWPHRASE—Implement Password Phrase Rules
Valid on z/OS and z/VM.
Valid on z/OS and z/VM.
Use the NEWPHRASE control option to specify the controls for password phrases.
The alpha count minimum (MA), digit count minimum (MN), and special character count minimum (SC) must not exceed the total phrase character maximum (MAX). This constraint is evaluated sequentially from left to right each time you change any of these variables.
You can enter all values in any order.
This control option has the following format:
TSS MODIFY NEWPHRASE([MA=nn],[MN=nn],[ID],[MAX=nnn],[MIN=nn], [MINDAYS=nn],[NR=n],[NU],[SC=nn],[LC],[UC],[WARN=nn])
- MA=nnSpecifies the minimum number of alpha characters.Range:0 to 32Default:0
- MN=Specifies the minimum number of numeric characters.Range:0 to 32Default:0
- IDPrevents users from specifying a new password phrase that contains their ACID name.
- MAX=nnnSpecifies the maximum length of a password phrase.Range:9 to 100Default:100
- MIN=nnSpecifies the minimum length of a password phrase.Range:9 to 32Default:9
- MINDAYS=Specifies the number of days after a password phrase is changed before the user can change the password phrase again.Range:0 to 99Default:0
- NR=nSpecifies how many pairs of repeating characters to allow in a new password phrase. For example, NR=1 allows password phrase OCTAVIAN FOOTWEAR FUNDAMENTAL LUCENT TECHNOLOGY (one pair of repeating characters) but prevents OCTAVIAN FOOTWEAR SEEDED LUCENT TECHNOLOGY (two pairs of repeating characters) and prevents OCTAVIAN FOOOTWEAR FUNDAMENTAL LUCENT TECHNOLOGY (because OOO is considered two pairs).Note:NR doesnotcontrol the total number of times a character exists in the password phrase. For example, OCTAVIAN FOOTWEAR FUNDAMENTAL LUCENT TECHNOLOGY (containing five instances of O) wouldnotbe rejected by NR=4.Range:0 to 5Default:Specifying NR without a value (=n) defaults to NR=0, which prohibits any repeating characters. Omitting an NR specification disables checking for repeating characters.
- NUSpecifies that an ACID TYPE(USER) cannot change their own password phrase.
- SC=nnSpecifies the minimum number of characters that the new password phrase must have from the PPSCHAR list. If no PPSCHAR set is available, no action is taken.Range:0 to 32Default:0
- LCSpecifies that the new phrase must contain at least one lowercase letter.
- UCSpecifies that the new phrase must contain at least one uppercase letter.
- WARN=nnSpecifies the warning days given that a password or ACID is about to expire.Range:0 to 99Default:3