Strengthened ACF2 password requirements have been implemented on the NWRDC z/9 processor complex.  These new standards apply to both the production and test LPARs.

The current password requirements are as follows:

• The minimum password length is 6 characters (the maximum length is 8 characters). 
• At least 1 numeric character and at least 1 alpha character are required. 
• 6 password violations on the same the day will automatically cause the logonid to be suspended.   
• 2 consecutive repeating characters are permitted; more than 2 consecutive repeating characters are not allowed. 
• Five particular special characters are permitted in the password but none are required.  The five allowed special characters are  ! @ # $ %  which typically map to upper case 1-5. 

The new standards will be applied when a new password is assigned to a logonid on or after the implementation date; existing passwords will continue to be supported until a password change is attempted.

That is, after the new standards are implemented, currently existing passwords will continue to be accepted regardless of conformation.  At the point that an attempt is made to change a password the new standards apply.  Passwords for logonids added after this date would naturally be subject to the new policy. 

Some examples of non-allowed passwords are:

• AAABC3 - too many repeating A's (AABAC3, AABAAC3,… would be allowed);
• ACDXYZ - no numeric;
• 3847223 - no alpha;
• ASDF2 - less than 6 characters;

Please call the data center or send email to AF2Request if you have any questions regarding z/9 ACF2 password policy.