The system’s password system values let you specify the minimum and maximum password length, whether the password must contain a digit, and how often a password can be reused. But what if you want to enable additional checking, such as ensuring that the password is not a dictionary word? In that case, you need to have a Password Validation program. A password validation program is simply a program written in any language that accepts an assigned set of parameters as defined by IBM.
Let’s look at an example of a simple password validation program.
After proper registration of this program as a password validation exit program (see below), this program is called whenever the Change Password (CHGPWD) command or the Change Password (QSYCHGPW) API are executed. Please note that the program is not called when the CRTUSRPRF or CHGUSRPRF commands are used.
More than one program can be registered to the password validation exit point. The validation programs will be called in turn until all programs have been called or a reject return code is received.