z/OS Security Server RACF General User's Guide
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Identifying and verifying users

z/OS Security Server RACF General User's Guide
SA23-2298-00

RACF® identifies you when you log on to the operating system you want to use. It does so by requiring a user identification, the user ID—a unique identification string. RACF then verifies that you are the user you say you are by requesting and checking a password. Each RACF user ID has a unique password. You should be the only one who knows your password. That way, RACF can ensure personal accountability.

Note: Some applications support authentication via digital certificates or Kerberos. When accessing these applications you might not need to enter a user ID and password.
In addition to a password, you can also have an optional password phrase, which you can use instead of a password with applications that support password phrases. A password phrase is a string of characters that can be longer than a password, and can contain characters that are not allowed in a password, including blanks. It is intended to be secure, but easy to remember.
Note: Most applications do not support password phrases, and require that you use your password.

When you are first defined to RACF, your group or security administrator assigns you a user ID and a password. The password is usually temporary, but the security administrator can choose to assign you a non-temporary password. A temporary password enables you to log on to the system the first time. As soon as you log on, RACF requires you to supply a new password of your choice to replace the temporary password. Your password might expire after a certain time interval, so you might need to change it periodically. See Changing your password for information on how to do this.

Note: Your password might need to satisfy certain installation-defined rules. For example, your password might need to be longer than five characters, and be made up of a mixture of alphabetic and numeric characters. Check with your system administrator or security administrator for the rules you should follow when you create a password.

You might also be assigned a password phrase. If so, the first time you log on using your password phrase RACF requires you to supply a new password phrase of your choice. Your password phrase might expire after a certain time interval, so you might need to change it periodically. For information on how to do this, see Changing your password phrase.

Parent topic: What is RACF?

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014