TSO/E
How you log in to TSO/E with IBM MFA for SecurID enabled depends on the token type you are using, whether you have a valid PIN, and whether pass phrases are enabled.
IBM MFA SecurID
If the security administrator has enabled your account for IBM MFA, you no longer use your RACF® password to log in. Instead, how you log in with TSO/E depends on the following SecurID token and TSO/E configuration choices made by your security administrator:
- What type of token do you have? See Types of token devices for the supported token types.
- Whether you have a valid PIN, whether you must create a new one, or whether the system generates one for you. Your security administrator decides when you must change your PIN.
- Whether pass phrases are enabled. TSO/E passwords are typically a maximum of eight characters. However, it is possible for SecurID credentials to exceed eight characters. Therefore, your security administrator may have selected an alternate TSO/E logon panel that allows you to enter longer passwords called pass phrases in the Password field.
General guidelines
Observe the following guidelines:- It is a best practice to wait until the token code changes before attempting to log in.
- You can use the token code only once.
- If you receive an authentication failure, wait until the token code changes before attempting to log in again.