Question

4
Replies
90
Views
BrettAllen Member since 2015 7 posts
PEGA
Posted: May 16, 2018
Last activity: June 21, 2018
Closed
Solved

PRSecurityException with lockout penalty enabled

The security policy landing page allows us to configure a lockout penalty after a certain number of failed attempts. One option is to lock the account, the other is to impose an increasing delay after each failed login attempt.

After 3 failed login attempts, Pega throws a PRSecurityException and displays the Status Fail message. This prevents the lockout penalty mechanism from working. Is this still supposed to happen when the authentication lockout penalty mechanism is enabled?

Security
Moderation Team has archived post
Share this page LinkedIn