Question

Change password with MFA/OTP

Hi,

After upgrading to Pega 8, whenever a user's password becomes expired the next time they log in they are redirected to the change password screen. The user is sent the OTP. Once they submit the OTP, they then see a screen with the Pega logo and the text Security policies required that you change your password. See attached screenshot. This is where the user would input their new password and confirm it but these fields are not visible. I did see a support article on the topic. I followed the steps to resolve but it still isn't fixed. I checked the visibility condition on this part of the section and another set of conditions were added (looking for either pyChangePassword or pyChangePasswordOnNextLogin to be true). These properties are both false. Anyone else experience this? Is there a fix included in an upcoming patch? Anyone have any suggestions on how to resolve this?

Thank you,

Casey

***Edited by Moderator Marissa to update platform capability tags****

Comments

Keep up to date on this post and subscribe to comments

December 18, 2019 - 4:01pm

Hi,

What is the support article you found?

December 18, 2019 - 5:08pm
Response to Br@dTainter_GCS

Hi Brad,

The support article I found was at https://community.pega.com/support/support-articles/unable-change-password-through-mfaotp. Running BulkValidateSave on the section didn't do anything.

Thanks for looking into this.

Casey

December 30, 2019 - 11:50am
Response to Br@dTainter_GCS

Hi Brad,

Do you have any updates on this issue?

Thank you,

Casey

January 7, 2020 - 12:53pm

Hi Casey,

Sorry for the delay in responding.  Were there any log messages related to this at all?  I would suggest opening up an SR to have this looked at.  I looked for other issues similar to the post but didn't find anything specific I could provide.  Once you open an SR, reply here with the SR number.

January 21, 2020 - 10:19am
Response to Br@dTainter_GCS

Thank you Brad,

After discussing this with my team, I found out that we are not going to submit the SR.  Our client has decided to switch from SecuredBasic to SSO for all users.