User ID and passwords are clear text or encripted ?

1)I need to know if iSeries Access (Client Access) TN5250 is used to log on to AS/400, is id/pswd sent in clear text? 2)What about FTP? Other features of iSeries Access? I am interested in OS levels V5R2 and above for this information (Please provide if you have any related white papers)

Answer Wiki

Thanks. We'll let you know when a new response is added.

1) If you are accessing your iSeries over the Internet, user ids and passwords as well as data will flow in clear text unless you encrypt the transmission. You can configure the iSeries Access (aka Client Access) Servers to use SSL to encrypt the flow of data. Another solution is to set up a VPN and then open iSeries Access on top of the VPN connection.

2) The biggest problem with FTP is that the server can only handle usernames and passwords in plain text. This is one of the reasons why the root account cannot be used for FTP access on most servers.

Usernames and passwords are not the only things that are sent over clear text. The files themselves are uploaded or downloaded without any encryption at all. That online store you buy your birthday gifts from might give you an HTTPS page to enter your credit card, and their accountants maybe downloading the card details over FTP.

I hope this helps.


Characters typed into a telnet screen are sent as text characters. It doesn’t matter if they’re names, addresses, inventory amounts or passwords that are non-display. Everything on every telnet screen is sent as clear text. That’s why ‘bypass signon’ should always be used and why connections should be ended rather than signing off back to the standard signon panel. Always send the user and password through a TN5250E connection request rather than through a green-screen signon panel.

The same can be said for FTP. Whatever is sent through the FTP script or returned in response is clear text.

If you allow access to telnet signon panels or FTP in your network, you should assume that anyone with network monitoring hardware or software has access to all profiles and passwords.

Telnet over SSL (or VPN) or a secure FTP can minimize risk.


Discuss This Question: 1  Reply

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • JDWWms
    When using Client Access, entering the profile and password in the initial connection box that is encryted, but if the user enters the profile and password on the green screen it is sent in the clear, You can use the bypass signon then the connection is always encrypted. However if a user signs off and backon or uses SYSREQ to get a Green screen session that signon that would still be in the clear.
    0 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: