Security Policies

To define security policies for user authentication and session management, use the Security Policies tab.

You must have the pzViewAuthPoliciesLP privilege to view the Security Policies tab. This privilege is part of the PegaRULES:SecurityAdministrator role.

Access this tab from the Dev Studio header by clicking Configure > System > Settings > Security Policies.

  • Select Enable frequently required policies enable and configure password settings, CAPTCHA functionality, lockout settings, and logging levels for auditing logins.

  • Enable and configure two-factor authentication.
  • Enable and configure automatic disablement of inactive operators.
  • Click Display Audit Log to display audit logs related to login attempts.

  • Click View History to see a report of changes to security settings, including the date, the operator who made the change, and what change was made.

Note: In a multitenant environment, each tenant can configure their own security policies or use the common security policies provided by the shared user. However, if the shared user changes the security policies, a tenant who uses the security policies provided by the shared user must wait at least 10 minutes before the changes are reflected.