Re: Login Issues at QPWDLVL 2 for some users -- MIDRANGE-L

Subject: Re: Login Issues at QPWDLVL 2 for some users
From: Gord Hutchinson <gordm1@xxxxxxxxxxxxxxx>
Date: Wed, 24 Nov 2010 11:32:37 -0500
List-archive: <http://archive.midrange.com/midrange-l>
List-help: <mailto:midrange-l-request@midrange.com?subject=help>
List-id: Midrange Systems Technical Discussion <midrange-l.midrange.com>
List-post: <mailto:midrange-l@midrange.com>
List-subscribe: <http://lists.midrange.com/mailman/listinfo/midrange-l>, <mailto:midrange-l-request@midrange.com?subject=subscribe>
List-unsubscribe: <http://lists.midrange.com/mailman/listinfo/midrange-l>, <mailto:midrange-l-request@midrange.com?subject=unsubscribe>

On Wed, 24 Nov 2010 11:17:02 -0500, Charles Wilt <charles.wilt@xxxxxxxxx> wrote:

Gord,

Unless you're using encrypted telnet, the user id and password type
into the 5250 green screen sign on are sent in the clear; a network
sniffer can easily see them.

However, when using bypass-signon, the user id and passwords are
encrypted into the request to start the session even when the
resulting telnet session is unencrypted.

HTH,
Charles

Thanks. I didn't realize that. Our concern is that if you bypass-signon,
someone just needs to disconnect and reconnect the 5250 iseries access
session and it will automatically sign you on. Potentially as someone else.

Gord

Follow-Ups:

RE: Login Issues at QPWDLVL 2 for some users , Chris Bipes

This mailing list archive is Copyright 1997-2026 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.