Resetting user passwords

If a user account becomes locked, the system administrator might have to reset a user password.

About this task

Depending on system configuration, user accounts are locked when a user makes too many login attempts with an incorrect password. A system administrator who has Db2® administrator access can unlock accounts by resetting the user password.

If users request that you reset their password or if you need to unlock their account, then you need to complete the following steps:

Restriction: You cannot rename a user ID. You must copy or create another user ID to change user IDs.

Procedure

  1. Expand Authentication in the navigation pane.
  2. Click Users to display a list of users in the details pane.
  3. Right-click a user and click Properties. The Users Properties window opens.
  4. Change the password.
  5. Click OK to save the information and close the window.

What to do next

To enforce password syntax validation for IBM® Content Manager users, you can customize a user exit. When the user exit library is deployed, IBM Content Manager recognizes it and invokes it to validate passwords. By default, the IBM Content Manager sample library server user exit (ICMPLSVP) enforces the following password rules:
  • Passwords should be at least eight characters.
  • Each password should contain at least one non-alphabetic character.
Recommendation: For more secure passwords, you should customize the user exit to follow these common password guidelines:
  • Passwords should be at least eight characters.
  • Each password should contain at least two alphabetic characters and at least one numeric or special character. In English, the valid alphanumeric characters include:
    • 52 alphabetic characters (uppercase and lowercase)
    • 10 numerals
    • 3 special characters, the underscore (_), the number sign (#), and the dollar sign ($)
  • Password should expire after 90 days.
  • Each password should differ from the user's user ID and any reverse or circular shift of that user ID.
  • New passwords should differ from the old password by at least three characters.
  • Avoid using consecutive sequences, dictionary words, or other easily guessed passwords.
  • Never write down or share passwords.
Also refer to your local system password policies for guidance in your organization.