Configure IBM MFA Compound In-Band
Configure IBM® MFA Compound In-Band authentication only if you require the user to authenticate in-band with a combination of a SecurID token, and a passphrase or password.
About this task
If both IBM MFA Compound In-Band and TSO pre-prompt are enabled, users may not be able to change a password using in-band authentication. IBM recommends that you use identity tokens to change passwords. See Changing a user password with an identity token for information about using identity tokens.
The z/OS application must support passphrases. IBM MFA Compound In-Band does not support applications that are limited to an 8-character password. This is required because IBM MFA Compound In-Band concatenates the SecurID token with the passphrase or password, separated by a valid separator, and stores the result in the passphrase field.