That part of IBM that will remain forever Akers posted something akin to the following on the IBM UK Information Network Newsletter earlier this month. By the end of September 1992, a new checker will be in place to further protect MNS passwords from violation. This checker brings the MNS in line with those already used on IE and IMS services. If you use an automated routine to reset passwords then please consider the implications after September, and please inform all users of MNS to comply with the following rules when resetting passwords. A password will be disallowed if its length is not at least six characters and satisfies the length rules specified by the installation. The first character must be alphabetic. The following strings cause the new password to be disallowed: the year number for this year, last year, and next year; three-character abbreviations for the months of the year, regardless of the current month; three or more characters in ascending or descending sequence from the alphabet or numbers; four or more characters in horizontal sequence in either direction from the keyboard; any complete match with an 8-byte string in a table (variable invword) of passwords previously found to be frequently used; this test involves a compare with the full password, sub-strings are not considered; at least four characters in the same relative positions must be different from the current password; any three-character string from the old password, if present; any string of three identical characters; any string of three characters repeated or reversed; any character repeated more than twice; the user identification or any three-character sub-string thereof; all initials appearing together will be disallowed, and if more than two exist then the first and last will be disallowed when used together; the surname, or any four-character sub-string thereof; and the RACF Groupname, also in reverse. So now you know.
