When we refer to a user, we mean any person who is signed on to the system. This may include students, programmers, data-entry personnel, operators, and administrators. To perform work on the AS/400, a user needs to be known to the system. A user becomes known to the system when a security officer or administrator creates a user profile object for that user. A user profile not only identifies a user but also describes the user’s authority and is the source of several operational characteristics of that user’s job.
The user ID and password are combined to complete the sign-on process. User IDs and passwords should be kept private. For security reasons, it is recommended that passwords should exceed several digits in length, because longer passwords are harder to guess. The password length is determined by two system values, QPWDMAXLEN (Password Maximum Length), and QPWDMINLEN (Password Minimum Length). A value from 1 to 10 is allowed, but a minimum of five characters is recommended. Like the user ID, the password may not begin with a number. A user’s password cannot be displayed on the AS/400. If the user has forgotten his or her password, the Security Officer or System Administrator can modify the user ID, giving it a new password. For convenience in this situation, the password is generally changed to the same characters as the user ID value; the user should then choose a new password when (s)he next signs on.
Display User Profile
The DSPUSRPRF (Display User Profile) command provides such information as the date and time of the previous sign-on, and sign-on attempts that were not valid. This information could assist in verifying unauthorized access. For example, this field may show sign-on attempts during a time period when a user was on vacation or otherwise not available to use the system. To monitor whether an unauthorized person has been attempting to gain access to the system, the number of invalid sign-on attempts is included in the information retrieved by the DSPUSRPRF command.