-
Title
NC-Access Passphrase Support -
Description
From maintenance level M, NC-Access now supports passwords longer than 8 characters for both RACF and ACF2 security systems and fixes are now available to also cover Top Secret. These are commonly known as passphrases and are stored separately from the passwords in the security systems. However, for the purpose of logging on to NC-Access, only one input field is supplied for entry of a single password or passphrase.
-
Resolution
The changed and supplied logon screens ENA0052, ENA0053, ENA0054 and ENA0055 still accept 8 character passwords, but also allow for the full 100 character passphrases that the security systems allow. However it is noted that for passphrases over 65 characters on screen sizes other than model 5, the password field must be split over 2 lines. In testing, it has been found difficult for some people to consistently type very long passphrases especially over 2 lines, so you might like to consider limiting passphrases to 65 characters or perhaps 49 characters if scripts are to be used (see limitations below). If required the logon screens and password change screens can be very simply amended to be limited to one line for the passphrase.
LIMITATIONS
Scripts
When specifying &SYSPASS as a keyword the passphrase is limited to 49 characters. With longer passwords you may get the error ‘CKNA1210-9 Invalid cursor address specified’
CINIT data received by NC-Access
NC-Access now accepts phrases as passwords in logon data supplied by other applications so long as they do not contain the characters /( which are used as separators for user/pass(command
User Edit screens
Users may specify data to pass to applications when using the Edit command. The keyword SYSPASS may be used to pass the full length of the passphrase entered at logon to NC-Access. However, the field for defining the whole cinit data is restricted to a total of 29 characters. If not using the SYSPASS keyword and hard coding the passphrase, this will greatly limit the length of the passphrase.
Multsess users :
Multsess Does not support passphrases. We recommend that users upgrade to NC-Access to get passphrase support. There is an automated process to convert a Multsess environment to NC-Access. Existing Multsess ATP scripts will work with NC-Access. Contact support for more details if required.