When creating a new account, the CREATE-ACCOUNT command prompts you to enter a password for the account as part of the procedure.
NOTE |
Do not edit existing Account Definition items or User-ID items to add or change any passwords while any other users are logged on to the system. When users log on, pointers to data in the SYSTEM Dictionary are set up. If changes are made to SYSTEM Dictionary items while users are logged on, these pointers will be invalidated. (You can, however, add new items to the SYSTEM Dictionary, since these do not disrupt any of the existing pointers.) |
The logon prompt, as well as the LOGON and LOGTO commands, require that account names and passwords be entered correctly in order for users to log on to accounts. If they are entered incorrectly at the logon prompt, the logon prompt is redisplayed; if they are entered incorrectly in the LOGTO command, the user remains in the existing account at TCL.
Account names are defined by the CREATE-ACCOUNT command. Passwords are stored in encrypted form in line or attribute 7 of the Account Definition item or User-ID in the SYSTEM Dictionary.
NOTE |
One of the most important parts of the system to protect is the SYSPROG account which is created automatically with the installation and loading of mvBase. A password should be assigned to this account as soon as the system is installed as access to the SYSPROG account gives access in turn to the SYSTEM Dictionary and to other commands and files that control and maintain system security. |
Most other security controls are codes stored in Account Definition items or User-IDs in the SYSTEM Dictionary, which can be added, changed, or deleted at any time using the Editor.
When using CREATE-ACCOUNT, a sequence of messages such as the following appears:
ACCOUNT NAME?JULIE L/RET-CODE(S)?SA]OR]INV]HIST L/UPD-CODE(S)?SA]OR PRIVILEGES?SYS1 MODULO?<ENTER> PASSWORD? |
Either enter a password or press ENTER. If you enter a password, it is stored in encrypted form in the Account Definition item, and you return to the TCL prompt. If you do not want to enter a password, press ENTER at the prompt. The system then prompts you to confirm that you do not want to assign a password to the account. If you type N, the system once again prompts you to enter a password; if you type Y, no password is assigned and you return to the TCL prompt.
Use the PASSWORD command at any time to assign a password to an account that does not have one, to change an existing password, or to delete a password.
CAUTION |
Take care not to add or change any passwords while any other users are logged on to the system. When users log on, pointers to data in the SYSTEM Dictionary are set up. If passwords are added or changed while users are logged on, these pointers will be invalidated. You can, however, enter new passwords when you are creating a new account, since new Account Definition items do not disrupt any of the existing pointers. |
Type PASSWORD at the TCL prompt. The system prompts you for the account name:
ENTER ACCOUNT NAME? |
Enter the name of the account or user-ID. Next, you are prompted to enter the new password:
ENTER NEW PASSWORD? |
Enter any combination of characters. Do not, however, use control characters. The system stores only the last eight characters entered.
To delete an existing password, press ENTER. When you press ENTER, you are prompted to confirm that you want to remove the password.
Type Y to delete the password. Type N to retain it.
See Also
Implementing MultiValue Security
Line 1: Using D Codes in Account Attributes
Lines 5 and 6: Using Retrieval and Update Codes
Line 8: Using System Privilege Level Codes
Line 9: Using Automatic Logoff
Line 9: Using Account Definition Codes
Line 9: Restricting Access to TCL and Commands
Using the Accounting History File (ACC)