Browse Prior Art Database

Method and apparatus to allow password change and maintenance of password history when using a PassTicket for authentication.

IP.com Disclosure Number: IPCOM000013915D
Original Publication Date: 2001-May-01
Included in the Prior Art Database: 2003-Jun-19
Document File: 1 page(s) / 37K

Publishing Venue

IBM

Abstract

A program is disclosed that allows a password change and maintenance of password history when using a PassTicket for authentication instead of providing a current password.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 100% of the total text.

Page 1 of 1

  Method and apparatus to allow password change and maintenance of password history when using a PassTicket for authentication.

   A program is disclosed that allows a password change and maintenance of password history when using a PassTicket for authentication instead of providing a current password.

PassTickets, introduced via RACF secured signon, are used as a one-time-only password substitutes for authentication purposes. When a user is authorized via a PassTicket no password is supplied. In order to allow a password change in this environment the following needs to be done.

Retrieve the current password from the security database for the user identified by the

PassTicket. Compare the password retrieved with the desired new password and compare the new

password with all passwords maintained in the history. If any of the passwords match the new password, fail the password request. Otherwise,

set the new password and store the retrieved password in the password history for future password change checking.

This approach allows for a password change using PassTickets for authentication and enforcement of password history processing on this and subsequent password changes.


1.


2.


3.

1