Considerations when using mixed-case passwords

Mixed-case passwords can be used by applications if an SAF-compliant security product (such as RACF®) has enabled this support. In some cases, the USS LOGON DATA parameter is used to send the password to the application. If a terminal user enters a mixed-case password on the USS LOGON command and it is translated to uppercase by the translation table, the logon will fail if the target application expects the password in mixed case.

The USS LOGON command is displayed on the terminal as it is typed, so the password is displayed unless the 3270 format is used and the password is entered into a field with a non-display attribute. For additional security, instruct the terminal user to stop entering the password as part of the USS LOGON command. Instead, the application should prompt the terminal user for the password in a non-displayed field. If mixed-case passwords are used and the terminal user continues to enter the password as part of the USS LOGON command, the logon will fail when using TRANSLATE=YES (the default) on the USSPARM, because the password has been translated to uppercase.

If you want to continue allowing the terminal user to enter the password on the LOGON command, use one of the following methods to support mixed-case passwords:

With each of these methods, if the user ID is entered with the password, you must first verify whether the application supports translating the user ID to uppercase. A simple test is to enter the DATA portion of the USS LOGON in single quotes with the user ID specified in lowercase. USS will not translate data within single quotes, and the quotes are removed before the data is passed to the application. If the logon fails, the application does not support translating the user ID to uppercase, and the terminal user must enter the user ID in uppercase and the password in mixed case for the methods suggested.
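
The quoting test described above, as an added example (a simplified Python model, not IBM code): it shows what a case-sensitive application receives with and without single quotes. The `userid password` layout of the DATA text, the sample credentials and the function names are assumptions made for illustration.

```python
# Simplified model of the USS behaviour described on this page (assumption:
# only plain single-quote pairs are modelled, and uppercase translation is
# applied with str.upper() rather than a real USS translation table).

def uss_translate(data, translate=True):
    """Return the DATA text as the application would receive it."""
    out, in_quotes = [], False
    for ch in data:
        if ch == "'":
            in_quotes = not in_quotes  # quotes are removed, never passed on
            continue
        # TRANSLATE=YES uppercases everything outside single quotes
        out.append(ch.upper() if translate and not in_quotes else ch)
    return "".join(out)


def app_logon(received, registry, folds_userid):
    """Hypothetical application: case-sensitive password check,
    with or without its own user ID uppercase translation."""
    userid, _, password = received.partition(" ")
    if folds_userid:
        userid = userid.upper()
    return registry.get(userid) == password


# Constructed sample credentials, for illustration only.
REGISTRY = {"USER01": "Blue7Sky"}


def trial(typed_data, folds_userid, translate=True):
    """Run one logon attempt: USS translation, then the application check."""
    received = uss_translate(typed_data, translate)
    return app_logon(received, REGISTRY, folds_userid)


if __name__ == "__main__":
    cases = [
        ("user01 Blue7Sky", True),     # unquoted: password is uppercased
        ("'user01 Blue7Sky'", True),   # quoted, application folds user ID
        ("'user01 Blue7Sky'", False),  # quoted, application does not fold
        ("'USER01 Blue7Sky'", False),  # user ID typed in uppercase
    ]
    for typed, folds in cases:
        print(f"{typed!r:22} folds_userid={folds!s:5} -> "
              f"received {uss_translate(typed)!r}, logon ok: {trial(typed, folds)}")
```
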