Question

How to achieve the below mentioned requirement on password setting/resetting policies???

1. The system shall detect and disallow simple passwords (such as P@ssWord1 and dictionary words)
2. Given the user has never logged in, when he tries to log in,then he will be asked to set up his
own new password according to the policy
3. The system should ask the non-SSO user to change the password.Given it's been 80 days since the
last password reset cycle When the non-SSO login into to Pega.Then he/she should see a message saying that
their password will be soon older than 90 days and they should now change the password
.
4. The system should ask the non-SSO user to change the password.Given it's been 80 days since the last password
reset cycle When the non-SSO login into to Pega.Then he/she should see fields to provide a new password
and a confirmation button.

Where can I code these logics..? is there any activity for it?

Comments

Keep up to date on this post and subscribe to comments

November 19, 2019 - 5:45am

wow, bit compicated logic.

I can help you with point 2. There's a setting on Operator rule (Security tab):

November 27, 2019 - 1:13am
Response to vaspoz

Thanks vaspoz,

 

I have implemented the same.