04f - Security

Security pills: Check User with the default password

Last Updated on 29 July 2022 by Roberto De Pedrini

I welcome Steve Pitcher‘s suggestion from this Linkedin Post: a simple SQL statement to get the list of users with default passwords who haven’t been SIGNON for some time:

select * from qsys2.user_info where user_default_password = 'YES' and previous_signon <current date - 60 days and status = '* ENABLED';

Of course, we can also check all users with default passwords and not limit ourselves to those who have not logged in for 60 days.

The advice is to disable these users or to set a non-default password with CHGUSRPRF.

Have you found any? I do … more than one!

Related Posts
DB2 for i SQL – String Manipulation – POSSTR-LOCATE-LOCATE_IN_STRING (EN)

Introduction Often, in our applications, we need to work with text strings, and DB2 SQL can come in very useful Read more

DB2 for i – FAQ & Howtos (EN)

DB2 Database and SQL ... maybe the most important things on IBM i platform: here's a collection of FAQs, tips Read more

IBM i 7.4 Announcement (En)

Comes directly with the Easter egg this IBM announcement for the news of the IBM i 7.4 version, iNext version Read more

Generated Always Columns (EN)

Introduction "Generated Always Column": are columns, table fields, filled by DB2 engine: something like columns with a default value but Read more

--- Roberto De Pedrini Faq400.com
About author

Founder of Faq400 Srl, IBM Champion, creator of Faq400.com and blog.faq400.com web sites. RPG developer since I was wearing shorts, strong IBM i supporter, I have always tried to share my knowledge with others through forums, events and courses. Now, with my company Faq400 Srl, I help companies to make the most of this great platform IBM i.

Leave a Reply

Your email address will not be published.