AnsweredAssumed Answered

Password encryption algorithm (ext sercurity)

Question asked by jan.rabaut on May 24, 2017
Latest reply on May 24, 2017 by Brian_Brendlinger

We are using EXTERNAL security in IDMS and I would like to activate a stronger password encryption algorithm 'KDFAES' under RACF.This makes it much more difficult to crack passwords stored in the RACF Database. IBM Documentation Planning Considerations for Enabling KDFAES warns of potential impact on "applications" that perform password verifications. IBM Info APAR II14765 refers to a number of IBM products for which maintenance is required (eg IMS, CICS, etc ..). I assume that IDMS may also be potentially involved.

Is there is any impact on our IDMS software? Perhaps you have already gained experience with other customers using the RACF option SETROPTS PASSWORD (ALGORITHM (KDFAES))?

Outcomes