Change enhanced password encryption policy
The TKE always uses the best available method for protecting the host password during a sign-on
operation. When ICSF is at FMID HCR77B0 or later, enhanced password protection is used. You
can select a policy that only allows a host sign-on attempt if enhanced
password protection is
used. IBM recommends that you move to the minimum ICSF level of FMID HCR77B0 and that you
select the TKE policy that only allows a sign-on to systems that
support enhanced password
protection.
Your TKE 9.2 is ready for use when all preceding steps are completed.
TKE host crypto module migration
See Overview of the IBM TKE host crypto module migration feature (mediacenter.ibm.com/media/Host
+Crypto+Module+Migration+Video+1+-+Overview+of+the+IBM+TKE+Host+Module+Migration+Feature/
1_xd0juqn1) for information on host crypto module migration.
Chapter 3.
Planning for TKE 21