Skip to main content

Managing security policies

Pega Community logo

Note: The following content, referenced from Pega Community, is included here to help you better achieve the module learning objectives.

Enable security policies for user authentication and session management to improve application security. You can control the strength of user IDs and passwords, manage session time-outs and the disabling of operator IDs, control the auditing of login events, and implement CAPTCHA and multifactor authentication.

Note: To manage security policies, you must have the pzViewAuthPoliciesLP privilege, which is included in the PegaRULES:SecurityAdministrator role.
The password, lockout, audit, and operator ID disablement security policies are supported in offline-enabled applications. Multifactor authentication policies are applied only when two-factor authentication is used in custom authentication policies and in application case flows. The operator disablement policy is not enforced unless the Disable Dormant Operators agent is enabled.
  1. In Dev Studio, click Configure > Org & Security > Authentication > Security Policies.
  2. Configure the following policies:
    • Password policies
    • CAPTCHA policies
    • Lockout policies
    • Audit policy
    • Multi-factor authentication policies (using one-time password)
    • Operator disablement policy


    For more information about security policies settings, see Security policies settings.
     

  3. Click Submit.
 
If you are having problems with your training, please review the Pega Academy Support FAQs.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega Academy has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice