IBM Support

PI09851: Password Restrictions are not honored when Password is changed from Tools -- Manage Users -- Security -- Change Password

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • Password Restrictions are not honored when Password is changed
    from Tools -- Manage Users -- Security -- Change Password.
    
    Steps to reproduce:
    --------------------
    1.? Login to DOORS as an Administrator/Database Manager or
    Custom user with Create users power and set Password
    Restrictions, say Passwords must contains: Letters, Numbers,
    Symbols.
    
    2.? Once the restrictions have been set, click on Manage Users
    and Groups, select any one user and click on Edit -- Security --
    Change Password.
    
    3.? You would be prompted to change the password. Ideally as you
    have set restrictions that the password should contains letters,
    numbers and symbols, you would expect that when a password which
    contains all numbers should be rejected (say try using a
    password '123456'). However, the all numbered password is indeed
    accepted and the user for which the password was changed is
    indeed able to login using the all numbered password.
    
    NOTE: You would observe that if instead of using Manage Users
    and Groups tool if a user clicks on Tools -- Options -- Security
    -- Change Password and then tries to enter a password which
    doesn't comply to the password restrictions that have been set,
    then the password is not accepted ? only those passwords which
    comply to password restrictions are accepted.
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED:                                              *
    * All users/environments                                       *
    ****************************************************************
    * PROBLEM DESCRIPTION:                                         *
    * Password Restrictions are not honored when Password is       *
    * changed from Tools -- Manage Users -- Security -- Change     *
    * Password.                                                    *
    ****************************************************************
    * RECOMMENDATION:                                              *
    * Upgrade to 9.6                                               *
    ****************************************************************
    Client side issue
    

Problem conclusion

  • Changed validation to apply password requirements to
    administrator users as well as all other users.
    

Temporary fix

Comments

APAR Information

  • APAR number

    PI09851

  • Reported component name

    TLOGIC DOORS

  • Reported component ID

    5724V61DR

  • Reported release

    951

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2014-01-17

  • Closed date

    2014-06-07

  • Last modified date

    2014-06-07

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    TLOGIC DOORS

  • Fixed component ID

    5724V61DR

Applicable component levels

  • R960 PSY

       UP



Document information

More support for: Rational DOORS

Software version: 9.5.1

Reference #: PI09851

Modified date: 07 June 2014