Re: Passwords not meeting the rules

[Rob Berendt <robertowenberendt@xxxxxxxxx>]

The USER_INFO_VIEW will tell you if the user is using the default
password.  Look for the column USER_DEFAULT_PASSWORD.  Question:  How does
it know?

There's also a CHECK_PASSWORD table function and a Check Password Meets
Password Rules (QSYCHKPR) API.  But both check a new string to see if it
meets most of your new password rules.  Some it cannot check, like "System
values QPWDPOSDIF and QPWDRULES *LMTSAMPOS are not enforced since a current
password is not used for a comparison."

I think IBM would entertain an idea about this.  There must be some way to
check, after all, how would the functions in the double quotes above work
if they didn't have access to the password?


On Fri, Jan 30, 2026 at 11:34 AM <smith5646midrange@xxxxxxxxx> wrote:

> A little while ago, my client updated their password rules to be a little
> stricter.  For example, one of the changes was the min length was changed
> from 8 to 14.  I have now been asked if I can provide a list of users that
> have a password that does not meet the new requirements.  I don't want/need
> to know the password.  I'm just looking for a yes or no flag to tell me if
> it meets the requirements.  Is there anything that would give me that info?
> I think their eventual plan is to set passwords to expired if they don't
> meet the rules and make them change them so they do meet them.
>
> --
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
> To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
> To subscribe, unsubscribe, or change list options,
> visit: https://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
> Before posting, please take a moment to review the archives
> at https://archive.midrange.com/midrange-l.
>
> Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related
> questions.