Idea Details

Using pass phrase passwords with CA Gen

Last activity 02-14-2020 06:32 PM
M B's profile image
By: M B
09-10-2019 02:10 PM

​Many CA products are being converted to use Pass Phrase passwords. 

Our site is implementing the following improvements for RACF:

  • allow special characters A-Z  a-z  0-9  .<+|&!*-%_>?:=  #$@ and spaces

  • allow mixed case

  • allow 100 characters pass phrase

  • upgrade password encryption from DES to KDFAES 

However, the CA Gen Server Client Security Validation Exit TIRSECV is limited to 64 bytes:
03 CLIENT-PASSWORD                  PIC X(64)
Unfortunately, this will hold up our users to move to longer passwords on z/OS.
Please consider this as an important enhancement idea. 

Best regards,

Mieke B.
Tax and Customs Administration of the Netherlands / Information Technology