Check Password Meets Password Rules (QSYCHKPR) API

  Required Parameter Group:

  Default Public Authority: *USE

  Threadsafe: No

The Check Password Meets Password Rules (QSYCHKPR) API checks if the password specified in the password information meets the password rules for the system on which this API is run. The password rules are composed of system values QPWDRQDDIF and either QPWDRULES or all of the following: QPWDMINLEN, QPWDMAXLEN, QPWDLMTAJC, QPWDLMTCHR, QPWDLMTREP, and QPWDRQDDGT.

System values QPWDPOSDIF and QPWDRULES *LMTSAMPOS are not enforced since there isn't a current password to use for a comparison.

This API only checks the password, it does not actually change the user's password.

When the password successfully conforms to the password rules:

When the password does not conform to the password rules:

The QSYS2.CHECK_PASSWORD table function can be used as an alternative to this API. See CHECK_PASSWORD table function for more information.

Authorities and Locks

If the user profile name is not *NONE, not *CURRENT, or not the user profile name of the currently running user, the caller of the API must have *SECADM special authority and *OBJMGT and *USE authorities to the user profile.

API Public Authority

Required Parameter Group

User profile name

The name of the user for which the password is being checked. The user profile name is used when checking the password rules for system values QPWDRQDDIF (duplicate password control) and QPWDRULES *LMTPRFNAME (password may not contain user name).

You can specify the following special values:

Password information

The information for the password that will be checked against the password rules. See CKPR0100 Format for the definition of the fields for this parameter.


The name of the format that is used to check the password information. The following values are allowed:

Error code
I/O; CHAR(*)

The structure in which to return error information. For the format of the structure, see Error code parameter.

CKPR0100 Format

The following table describes the information that must be specified in the Password information parameter when format CKPR0100 is specified. For detailed descriptions of the fields in the tables, see Field Descriptions.

Field Descriptions

CCSID of password. The CCSID of the password specified in the password field. For a list of valid CCSIDs, see the IBM i globalization topic collection.

The valid values are:

Length of password. The length, in bytes, of the password field.

Offset to password. The offset from the beginning of the password information to the password field.

Password. The password value.

Error Messages

API introduced: V7R5

[ Back to top | Security APIs | APIs by category ]