Skip to main content

         This documentation site is for previous versions. Visit our new documentation site for current releases.      

Configuring login policies such as multi-factor authentication, CAPTCHA, and attestation

Updated on July 1, 2021

You can make user authentication more secure by defining login policies for password requirements, multi-factor authentication, lockout policies, and other similar restrictions.

  • Using the login policies settings

    Enable security policies for user authentication and session management to improve application security. You can control the strength of user IDs and passwords, manage session time-outs and the disabling of operator IDs, control the auditing of login events, and implement CAPTCHA and multifactor authentication.

  • Customizing CAPTCHA presentation and function

    Pega Platform provides CAPTCHA validation on login as one of the options on the Security Policies landing page. A CAPTCHA (or Reverse Turing Test) creates a challenge that is easy enough for a human user to meet, but which is likely to defeat standard automated software.

  • Multi-factor authentication with a one-time password

    Pega Platform supports two-factor authentication by sending a one-time password (OTP) to a user through email. The user must enter this one-time password in your Pega Platform application for verification.

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best. is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us