Because there is no way to control what a user types into a field, the workaround is to keep security messages that contain a visible password out of the logs.
- While it is feasible to block by message ID [within TPX for TPXL* messages and within security for those messages], this would eliminate too many messages that are required for regular triage of user issues.
- Field validation at the ISPF panel level [using )PROC and VER statements] is not possible within TPX. TPX programmatically overrides any panel )PROC statements for security purposes.
- Use the Log Writer exit to replace a userid in the message with another character when the userid does not conform to site naming standards.
- For example, if the userid must be alphanumeric and passwords must contain a special character, any userid that contains a special character is definitely invalid and can be replaced with '???????' in the logon rejection message.
- Similar changes should also be considered for the security log and syslog.
- Use the Signon Signoff Exit, TPXUSNSF, to reject the user (RC4) in the pre-security call (function code 8) based on custom code you may add. For example, reject if the userid is longer than 7 characters or does not match your site format for alpha and numeric characters.
You may also consider restricting who may view the TPX started task logs and the syslog.
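
The userid check and masking logic described in the list above, sketched in Python as an added example. It is not TPX exit code and not from the original article; a real exit is coded against the TPX exit interface. The `USERID=` field layout, the `TPXLnnnn` and `SECnnnn` placeholder message IDs, and return code 0 for "continue" are assumptions, and the sample lines are constructed.

```python
import re

# Site standard taken from the article's examples: alphanumeric, at most
# 7 characters. Replace the pattern with your real naming standard.
SITE_USERID = re.compile(r"[A-Za-z0-9]{1,7}")
MASK = "???????"

# Assumed message layout: the userid follows "USERID=" and ends at whitespace.
USERID_FIELD = re.compile(r"(USERID=)(\S*)")


def conforms(userid: str) -> bool:
    """True when the value could be a legitimate userid at this site."""
    return SITE_USERID.fullmatch(userid) is not None


def presecurity_rc(userid: str) -> int:
    """Decision for the pre-security call: 4 rejects the signon before the
    security product is called, so no security message is written.
    0 for 'continue' is an assumption of this sketch."""
    return 0 if conforms(userid) else 4


def mask_message(line: str) -> str:
    """Log-writer style filter: keep the message, hide a non-conforming userid."""
    def repl(match: re.Match) -> str:
        value = match.group(2)
        return match.group(1) + (value if conforms(value) else MASK)
    return USERID_FIELD.sub(repl, line)


# Constructed sample lines; real TPX and security message text differs.
SAMPLE_LOG = [
    "TPXLnnnn LOGON REJECTED USERID=USER01 TERM=T0001",
    "TPXLnnnn LOGON REJECTED USERID=Summer#24 TERM=T0002",  # password typed as userid
    "SECnnnn INVALID USERID=LONGUSER1 TERM=T0003",          # longer than 7 characters
]

if __name__ == "__main__":
    for entry in SAMPLE_LOG:
        print(mask_message(entry))
```

The check only catches values that break the naming standard: a password that is itself alphanumeric and no longer than 7 characters passes as a userid, which is why the approach relies on password rules (such as a required special character) that make passwords and userids distinguishable.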