QPWDVLDPGM

Is there a password validation program in place?

PowerTech recommended setting: *None

Importance: Medium

Purpose: You can specify the name of a user written program that will enforce additional password rules.  If this value is other than *NONE, be very sure of the content and purpose of any such program because it will be allowed to see, in plain text, every password change that occurs on the system. You'll also want to be sure that the program is secured against replacement or modification by non-authorized users.

Risks and Concerns: If a program is named here it should be closely guarded.  This program would have the ability to 'see' unencrypted passwords prior to their encryption. A Trojan horse program placed in this exit point might record those passwords for later use.