Question

4
Replies
99
Views
Close popover
Brett Allen (BrettAllen)
PEGA
Principal Technical Architect
Pegasystems Inc.
US
BrettAllen Member since 2015 7 posts
PEGA
Posted: May 16, 2018
Last activity: June 21, 2018
Closed
Solved

PRSecurityException with lockout penalty enabled

The security policy landing page allows us to configure a lockout penalty after a certain number of failed attempts. One option is to lock the account, the other is to impose an increasing delay after each failed login attempt.

After 3 failed login attempts, Pega throws a PRSecurityException and displays the Status Fail message. This prevents the lockout penalty mechanism from working. Is this still supposed to happen when the authentication lockout penalty mechanism is enabled?

Security
Moderation Team has archived post,
Close popover This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.