Skip to main content

Table of Contents

Configuring multi-factor authentication policies


Only available versions of this content are shown in the dropdown

To control the behavior of two-factor authentication, configure the multi-factor authentication policy settings on the Security Policies landing page.

  1. In the Dev Studio header, click Dev Studio Org & Security Authentication Security Policies .

  2. In the Multi-factor authentication policies (using one-time password) section, configure the following required fields:

    1. In the Maximum one-time password failure attempts list, select a value between 1 and 3 to set the number of failed login attempts that your application allows before the one-time password becomes invalid and another one-time password must be generated.

      Setting a lower value helps prevent brute force attacks.
    2. In the Maximum age of one-time password token in seconds field, enter the length of time from when the token is generated to when the user must verify it with your application.

      The maximum age of the one-time password token must be less than the shortlived requestor timeout period, which is defined in minutes in the prconfig setting timeout/requestor/shortlived, and which defaults to 1 minute. If you set the maximum age to be greater than one minute, you must increase the timeout/requestor/shortlived setting.
    3. In the Validity of one-time password confirmation in minutes field, enter how long a user can work in a single session before being logged out.

    4. In the Email account from which one-time password needs to be sent field, press the Down Arrow key, and then select the name of an email account.

  3. Click Submit.

Complete the Generating a one-time password procedure.
    Did you find this content helpful?

    Have a question? Get answers now.

    Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

    Ready to crush complexity?

    Experience the benefits of Pega Community when you log in.

    We'd prefer it if you saw us at our best.

    Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

    Close Deprecation Notice
    Contact us