This book describes the administrative procedures for the startup and running of NC-PASS Secure. Two versions of the NC-Pass manuals are provided here, for the standard password Secure level and the token supporting Authenticator level of running the product. These both include the Transaction Level Interface that any application on z/OS MVS or another IP-connected platform can use for real-time re-authentication during a sensitive transaction. The third VSSE level (VTAM session security exit) is covered in both manuals. Software for all three levels of running is included in the .zip below. The Authenticator level includes an option for hardware security tokens which use the 128-bit AES algorithm, and continues to provide the strong authentication service required by applications running on either z/OS MVS, or on other IP-connected platforms, allowing them to add real-time checking of dynamic one-time passwords generated by one or more brands of hardware security tokens, including our Defender Go-3 tokens. At this level the RSA SecurID tokens will be synchronized with GMT to avoid the twice yearly resync for daylight saving time. The following support is also provided: • RADIUS support - an optional MVS RADIUS component is available from the NC-Pass Radius page on SupportLink • Windows Login support – This optional component can be used to add NC-Pass two-factor authentication to the Windows Desktop Login. A user logging on to a pc with this installed will be required to enter a valid token response in addition to a password. The response will be checked within NC-Pass. The Radius component for NC-Pass must be running. Any or all of the token manufacturers and types supported by NC-Pass can be deployed across the user base. Refer to the Defender documentation provided in the .zlp below for further instructions – the Defender Desktop Login component is provided in the Utilities folder, and also as part of the package on the Defender page on SupportLink.