List Data MFA Admin combined with *ALL* Anomaly

Document ID : KB000115543
Last Modified Date : 26/09/2018
Show Technical Document Details
Introduction:
why is MFA displayed in USER1 but not in USER2 
Question:
Hello Support, we have never done TSS ADD(xxx) ADMIN(MFA) and at the moment there are no plans to use MFA After switchting to TSS R16 from R15 we see following anomaly
User1) TSS LIST TYPE = DEPT C/A ----------- ADMINISTRATION AUTHORITIES ACID = INFO LIST DATA = *ALL*,MFA
User2 (other DEPT C/A) ----------- ADMINISTRATION AUTHORITIES ACID = INFO LIST DATA = *ALL* ALL Allows administrator to list everything except PASSWORD, SESSKEY, and PROFILE contents.
So ALL implies MFA i think So why is MFA displayed in USER1 but not in USER2 I expeded to see no MFA Keyword or (maybe) always if acid has additional LIST DATA *ALL* But not mixed I have tried to find any dependencies when MFA is seen or not ADMIN LiST DATA auth MFA, but not *ALL* no user, we never added MFA alone *ALL*,MFA (and maybe others) Acid was created before 2008-04-28 (before TSS 9.0 was used) *ALL* without MFA Acid Create Date before and after 2008-04-28 Can you clarify this anomaly?
Environment:
z/os
Answer:
For the DATA(MFA) suddenly showing up. 
Solutions: 
1) Manually remove MFA admin authority: TSS DEADMIN(acid) DATA(MFA) 
2) If never intend to use MFA, you could leave alone. 

The root cause of the problem, is the bit value now being used for MFA, was used for the TSS/PC product (1992) prior to TSS R9 and was the bit value included DATA(ALL) admin permission.