I don't have a quick answer, but I suggest you trace it and see what logic is being used for determining whether to prompt for a password-change, and see if there are configurable settings or parameters referenced that you may be able to change.

/Eric

Hi,

I traced, I see the activity being called pzShowCPHarness. I am unable to get, how this is getting called. The history of the activity says, its called by system. 

First we would need to know if this is standard Pega Authentication, or some customized or SSO implementation.

If you trace, please be sure to turn on all when events, declaratives, interaction and flow checkboxes

Additionally if you can use Fiddler to provide a web level trace as well, that would also help understand what is going on.

You may be having your session cookie dropped, and that can't be seen in a Pega Trace.

Does the issue occur through a load balancer, or other gateway type network device?

Does the issue occur when connecting directly to the Pega Server?

Please attach zipped pega and fiddler trace if you still can't find the reason.

Hi,

Users are authenticated using standard pega authentication.

I will do the trace and fiddler and attach it once done. Please let me know how can I share the tracer events and fiddler.

Hi, I have added fiddler and tracer events to the SR.

We have raised this issue with our account executive. Seems we are not going to get any fix for this as this is OOTB behaviour by design as per Pega product team. It is very hard to believe that this feature is by design! I feel this is very bad user experience.

Please let me know if anyone implemented a work-around for this? 

Regards

Murali

can you please securities policies ?

we can check this by using landing page under Security --> Setting