On Mon, 4 May 2020 15:31:52 -0500, Tom Marchant wrote: >On Mon, 4 May 2020 19:14:31 +0000, Frank Swarbrick wrote: > >>What I would love to see is some sort of "single signon" option, where a user >>would only need >>to sign on to their personal workstation and not need to explicitly sign on >>to z/OS at all. > >IMO, this is a bad idea unless you can count on everyone's workstation being >at least as secure >as z/OS is. All you need is one user who gets their PC hacked and the hacker >has access to z/OS, >with whatever authority that user has. > But the user will keep credentials on a desktop system (I've done so with ssh) or on a Post-It on the terminal screen, etc.
Multi-factor? Real-time facial recognition with challenge-response? Remember, Watson won at Jeopardy, and could probably beat captchas. -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
