Demo users and password policy
Hello,
I am working on implementing a password policy for a client. I had assumed that the exclusion list of operators was for the password policy requirements, so I put our demo Operator IDs for each of our applications on the server in that list. However, it only applies to the disablement policy. We have many demo Operator IDs for each application and it is not feasible for the client to keep track of all the passwords. How can I exclude demo users from having to change their password?
Pegasystems Inc.
IN
Hello,
I guess you do not want the other users to change the demo user password,
If yes, then you need to restrict the other users by giving appropriate privileges into their 'access roles' so that they won't be able to change the same.
I did not found some article with more info, will send if detected, Thanks.
Coforge
US
Yes. We do not want users to have to change the password. When we implement a password policy change it is system-wide affecting every operator. When users try to log in again, and every 3 months thereafter, they will be required to change their password. How can I exempt some users from this requirement?
Pegasystems Inc.
US
Hi Casey,
Hi Casey,
Per the following document, https://pdn.pega.com/configuring-login-security-and-password-policies/configuring-login-security-and-password-policies, Policy changes take effect immediately after you click Submit, and affect all operators. If you change password-related policies, all users are prompted to change their password when they next log in.
I am not aware of a way to blacklist certain users from the password policy. The article only discusses blacklisting operators that are disabled, so you can still login. This would likely require an enhancement request.
Pegasystems Inc.
US
Any attempts to "hack" a solution to excluding certain operators from security policies would be inherently dangerous. A product enhancement would be needed to allow this on the Security Policies page.