DFSMSdss supports password checking at the data set level, but not the catalog level. If a data set is password-protected and RACF-protected, access to the data set is determined only through RACF-authorization checking (password checking is bypassed).

Data set passwords in the DFSMSdss input command do not appear in the SYSPRINT data set listing. However, if your job abnormally ends, those passwords may appear in any resultant dump. To prevent this, you can put the passwords in a data set that is referred to with a DD statement.