Question
Ricoh
US
Posted: Jul 30, 2025
Last activity: Aug 13, 2025
Pega MFA using OTP - Avoid OTP on every login
Hi Team,
We are planning to enable MFA using one-time password using Pega OOTB security policy. Is there an option to avoid asking the user to enter OTP on every login? Such as, only ask the user to enter OTP once in a week or once in two weeks?
@SathishKumarJ17003558
The OOTB MFA using OTP does not natively support configurable OTP frequency like “once per week.” By default, OTP is prompted on every login when MFA is enabled.
However, you can achieve a more flexible experience using one of the following approaches:
1. Custom Token Persistence
Store a trusted device token or session cookie after successful OTP validation.
On subsequent logins, check for the presence and validity of this token.
If valid, bypass OTP prompt for that session or device.
2. Extend Authentication Service
Customize the Authentication Service rule to include logic that:
Checks last OTP validation timestamp.
Skips OTP if within the allowed time window (e.g., 7 days).
This requires maintaining a property like .LastOTPValidated on the operator or session.
3. Use External Identity Provider (IdP)
If using SSO with an external IdP (e.g., Azure AD, Okta), configure MFA frequency at the IdP level.
Pega will rely on the IdP’s authentication flow, including OTP.
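The check described in approaches 1 and 2 of the reply above, sketched as an added example (not part of the original reply and not Pega's API): a signed trusted-device token that carries the operator ID and the last OTP validation time, with every doubtful case falling back to the OTP prompt. The function names, the token layout and the server-side key are assumptions made for illustration.

```python
import base64
import hashlib
import hmac

WINDOW_SECONDS = 7 * 24 * 3600  # the 7-day window the reply uses as its example


def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).decode()


def _sign(key: bytes, payload: bytes) -> bytes:
    # key is a server-side secret (assumed); it never leaves the server.
    return hmac.new(key, payload, hashlib.sha256).digest()


def issue_token(key: bytes, operator_id: str, now: int) -> str:
    """Issue only after a successful OTP validation; store as a Secure, HttpOnly cookie."""
    payload = f"{operator_id}|{now}".encode()
    return _b64(payload) + "." + _b64(_sign(key, payload))


def otp_required(key: bytes, operator_id: str, token, now: int) -> bool:
    """Return True when the OTP prompt must be shown. Any doubt falls back to OTP."""
    if not token:
        return True
    try:
        payload_b64, mac_b64 = token.split(".")
        payload = base64.urlsafe_b64decode(payload_b64)
        mac = base64.urlsafe_b64decode(mac_b64)
        # Check the MAC (constant time) before trusting any field in the payload.
        if not hmac.compare_digest(mac, _sign(key, payload)):
            return True
        owner, issued = payload.decode().rsplit("|", 1)
        issued_at = int(issued)
    except ValueError:  # malformed token, bad base64, non-numeric timestamp
        return True
    if owner != operator_id:  # token was issued to a different operator
        return True
    age = now - issued_at
    return not (0 <= age <= WINDOW_SECONDS)  # expired or future-dated
```

Because the timestamp is covered by the MAC, a client cannot extend its own window by editing the cookie, and rotating the server-side key invalidates every outstanding token at once.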