You can do that but I do not recommend it. Password on the i are one
way encrypted. That is the encryption key is the user id and password.
Unless you have the correct key, you cannot verify the password. What
IBM and others do is encrypt your user id and password when you submit
them and compare the encrypted values. It the encrypted values match,
you sent the correct user id / password pair. It is best to have some
other means to identify a user and have them provide a new password.
Now you send an email to the stored email address for the profile the
user forgot their password. Once they click on the link in the email,
you go ahead and set the new password. That link should be stored in a
temporary file to and expire after a fixed amount of time.
Chris Bipes
Director of Information Services
CrossCheck, Inc.
-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of John Allen
Sent: Wednesday, June 17, 2009 10:50 AM
To: 'Midrange Systems Technical Discussion'
Subject: RE: AS400 Automatic Sending of New Password?
Unless you wrote a front end to the Change Password or
Change User Profile. You can then save the password into
your own database file (hopefully encrypted there as well)
You could even store some type of phrase reminder, Security
questions etc.
As an Amazon Associate we earn from qualifying purchases.
This thread ...
Re: AS400 Automatic Sending of New Password?, (continued)
This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact
[javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
