JES2 defines passwords associated with NJE lines and with nodes in the NJE network during initialization. Use the PASSWORD= parameter of the LINE(nnnn) initialization statement for BSC lines to specify line passwords. Do not specify a password for SNA lines used for NJE; use the PASSWORD= parameter of the NODE(nnnn) initialization statement to specify a node password for each node with which another node can communicate in your network.

As an alternative to traditional NODE passwords, you can use NODE(nnnn) SIGNON=SECURE along with an APPCLU profile as a secure form of NJE signon. It does not exchange nodal passwords in clear text. With TCP/NJE you can provide passwords as a process of creating digital certificates to do SSL secure networking. You can use SECURE= parameter on Socket definitions to exploit the SSL security facility of TCP/IP. See Extending network capability for additional information.

Installations can encrypt passwords for jobs sent through the network. Use RACF® on the submitting node to encrypt a password that is then verified by RACF on the job's execution node. Before sending jobs with encrypted passwords through the network, ensure that the execution node supports encrypted passwords. Use the PENCRYPT= parameter on the NODE(nnnn) statement to indicate the nodes that support encryption. See z/OS JES2 Initialization and Tuning Reference for a description the PENCRYPT= parameter.