What are the rules for passwords used to log on to E3 ASR/AWR/VMR Client?

The maximum length for password for ALL versions is 10 characters.
For Versions prior to 7.8, Client required that all passwords be uppercase.

Beginning at V5R1M0, the QPWDLVL could be set to 2 which allowed the user to have mixed case passwords.
-Uppercase and lowercase characters are allowed.
-Passwords can consist of any character
-The password will be case sensitive.

There are system value changes which must occur on the System i in order to allow for mixed case and special characters in user passwords for the Client Server applications.
These changes are typically made by the security officer of the system.
After changing the system values, an IPL is required for the new settings to become active.

System value changes for mixed case, special character passwords:
-System Password Level = 2
-System Maximum Password Length = 10
-System Password Rule = *PWDSYSVAL (for V6R1M0 and later)

System Value = QPWDLVL
Setting = 2
Definition = Password Level
User profile passwords with a length of 1-128 characters are supported.

System Value = QPWDMAXLEN
Setting = 10
Definition = Maximum password length
The maximum number of characters that can be specified for a password.

System Value = QPWDRULES (V6R1M0 and later)
Setting = *PWDSYSVAL
Definition = Password rules
This system value is ignored and the other password system values are used to check whether a password is formed correctly.

Making these changes to the System i and using a Client Server version earlier than 7.8, leaves the potential for disabling user profiles due to invalid sign on attempts.
If a user has mixed case or all lower case passwords, the earlier versions of the C/S product will convert the password to all uppercase hence invalid sign of attempts.
To avoid this scenario, users should ensure the System i passwords are created using all uppercase unless using a version of the C/S product that is 7.8 or later.