A user can protect his/her files by passwords. Thereby it is possible to define a different password for each type of access. Passwords are assigned when creating or modifying the catalog entry (e.g. by means of the commands CREATE-FILE and MODIFY-FILE-ATTRIBUTES, operands READ-/WRITE-/EXEC-PASSWORD, or by means of the CATAL macro, operands RDPASS, WRPASS and EXPASS).

There are read, write and execute passwords. Knowledge of the write password also enables users to read and execute the file. Knowledge of the read password also enables users to execute the file. DMS permits access to a file only if the appropriate password is specified in the requesting job (by means of the ADD-PASSWORD command).

If write access is not permitted (due to the definition of a write password or access mode being restricted to read or execute access), DMS prevents the file from being overwritten, extended or erased. The file can be used only as an input file. The password governing write access must be added to the job's password table by means of the ADD-PASSWORD command (see "Access to password-protected files") before the catalog entry is modified.

Passwords are not shown in plaintext in trace listings or similar printed outputs!