The standard authentication method on Tandem systems is based on static passwords.

A users credentials are:

• The unique ID
  The ID is defined by the users manager when the user is introduced to the system. It can be changed by the users manager.
  The ID is used to decide about access rights.
• The corresponding password
  The password is set when the user is introduced, but can be changed by the user, depending on the password life time criteria, defined in SAFEGUARD.

When SAFEGUARD is active, the password lifetime is controlled according to NCSC's[1] C2[2] requirements, but there is no quality filter delivered by Tandem.

The solution from Tandem is a so-called Security Event Exits (SEE), which interfaces to user written SEE Processes (SEEP). One SEE type interface is defined for password quality filtering.

The Password Quality Security Event Exit Process (PWQASEEP) is a process, that interfaces exactly to this SEE.

The password quality SEEP is used when:

• a user is introduced by SAFECOM and the users initial password is set
• the password of an existing user is changed by his manager
• the user logs on through a TACL and changes his password
• the user uses the PASSWORD program.
• an application process uses the GUARDIAN procedure call User_Authenticate_ and its ability to change the password during the authentication cycle

[1] NCSC = National Computer Security Center, USA
[2] C2 = evaluation level according to the TCSEC

Download product information of Password Quality Process.

Order Trial

Four steps to your free trial license:

1. Download the freeware tool SysInfo and run it on the target TANDEM machine
2. Put the system information in the following form
3. Select the product form the drop down list
4. GreenHouse will send the license key via EMail