Skip to main content


         This documentation site is for previous versions. Visit our new documentation site for current releases.      
 

Configuring multi-factor authentication policies

Updated on June 30, 2021

To control the behavior of two-factor authentication, configure the multi-factor authentication policy settings on the Security Policies landing page.

  1. In the Dev Studio header, click Dev StudioOrg & SecurityAuthenticationSecurity Policies.
  2. In the Multi-factor authentication policies (using one-time password) section, configure the following required fields:
    1. In the Maximum one-time password failure attempts list, select a value between 1 and 3 to set the number of failed login attempts that your application allows before the one-time password becomes invalid and another one-time password must be generated.
      Setting a lower value helps prevent brute force attacks.
    2. In the Maximum age of one-time password token in seconds field, enter the length of time from when the token is generated to when the user must verify it with your application.
      The maximum age of the one-time password token must be less than the shortlived requestor timeout period, which is defined in minutes in the prconfig setting timeout/requestor/shortlived, and which defaults to 1 minute. If you set the maximum age to be greater than one minute, you must increase the timeout/requestor/shortlived setting.
    3. In the Validity of one-time password confirmation in minutes field, enter how long a user can work in a single session before being logged out.
    4. In the Email account from which one-time password needs to be sent field, press the Down Arrow key, and then select the name of an email account.
  3. Click Submit.
What to do next: Complete the Generating a one-time password procedure.

    Have a question? Get answers now.

    Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

    Did you find this content helpful?

    Want to help us improve this content?

    We'd prefer it if you saw us at our best.

    Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

    Close Deprecation Notice
    Contact us