Recommended change to NEWPHRASE

Idea created by fentoncl on Jan 20, 2015
    Under review
    Score 23

    Within Top Secret, the control option NEWPW has settings for LC, UC, and TS as listed below.

    LC - Password must contain at least one lowercase letter.

    UC - Password must contain at least one uppercase letter.

    TS - Prevents users from specifying a password that is too similar to the previous password.

    Can the NEWPHRASE have the above settings for the password phrase content requirements and have a number of characters requirement (i.e. LC(n) for minimum number of lowercase characters)? Recommend that the TS(n) option specify that if there are n characters in a row that match in the same positions of both password phrases, then the old and new password phrases are too similar. Top Secret specifies the minimum number of alphabetic characters (a-z or A-Z) using MA=n. The MA=n does not cover the separation of the use of lowercase and uppercase characters.

    This change will provide compliance with NIST 800-53 on password requirements and the z/OS STIGs. It is strongly recommended that this change be made to comply with the current configuration settings for the NEWPW.
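
The rules requested above, sketched as an added example; this is not Top Secret code or part of the original idea. The function names and the LC(n)/UC(n)/TS(n) result labels are hypothetical, and case-sensitive comparison for TS(n) is an assumption.

```python
import string


def longest_positional_run(old: str, new: str) -> int:
    """Longest run of consecutive positions holding the same character in both phrases."""
    best = run = 0
    for a, b in zip(old, new):  # only positions present in both phrases are compared
        run = run + 1 if a == b else 0  # assumption: comparison is case-sensitive
        best = max(best, run)
    return best


def check_phrase(new: str, old: str = "", lc: int = 0, uc: int = 0, ts: int = 0) -> list:
    """Return the hypothetical rule labels the new phrase violates (empty list = accepted).

    lc / uc: minimum count of a-z / A-Z characters; 0 disables the rule.
    ts: reject when ts or more characters in a row match the old phrase
        in the same positions; 0 disables the rule.
    """
    failures = []
    if sum(c in string.ascii_lowercase for c in new) < lc:
        failures.append(f"LC({lc})")
    if sum(c in string.ascii_uppercase for c in new) < uc:
        failures.append(f"UC({uc})")
    if ts > 0 and longest_positional_run(old, new) >= ts:
        failures.append(f"TS({ts})")
    return failures


if __name__ == "__main__":
    # Constructed sample phrases, not taken from any real system.
    old = "Correct horse battery 2014"
    for candidate in ("Correct horse battery 2015",   # only the last character changed
                      "purple MONKEY dishwasher 9",   # unrelated phrase
                      "Xorrect horse battery 2014"):  # only the first character changed
        print(repr(candidate), check_phrase(candidate, old, lc=2, uc=2, ts=8))
```

Because TS(n) as proposed compares the same positions only, a phrase shifted by one character (for example, the old phrase with one character prepended) produces no long run and would pass this rule.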